How do I secure a ZigBee network payload?

andrewfitzsimon · ‎04-21-2016

Hello,

I am writing an application (on the KW2x platform) that requires the network payload of my ZigBee data message to be be encrypted with ENC-MIC-32 and no MAC security.

I have ported my code from BeeKit to Kinetis MKW2xD and MCR20A Connectivity Software (REV 1.0.0).

Previously I had been using SecLib_CcmStar(). In the new middleware I cannot find this or a similar function.

I did some grep'ing and found AES_128_CCM_Star() tucked away in a library, but there is no interface for it and I am unable to determine if I am using it properly.

Are there any references that use this level of security?

Thanks,

Andrew Fitzsimons

San Juan Software

andrewfitzsimon · ‎08-22-2016

Ok, I have found how to use the basic AES_128_CCM() function to encrypt data for the ZigBee network payload.

To encrypt use:

AES_128_CCM(

pointer_to_payload,

length_of_payload,

pointer_to_network_aux_header,

length_of_network_aux_header,

pointer_to_nonce,

size_of_nonce,

pointer_to_aes_128_key,

pointer_to_payload,

pointer_to_payload + length_of_network_aux_header + length_of_payload,

security_level,

gSecLib_CCM_Encrypt_c);

To decrypt:

AES_128_CCM(

pointer_to_payload,

length_of_payload - length_of_mic,

pointer_to_nwk_aux_header,

length_of_nwk_aux_header,

pointer_to_nonce,

length_of_nonce,

pointer_to_aes_128_key,

pointer_to_payload,

pointer_to_payload + length_of_nwk_aux_header + length_of_payload - length_of_mic,

security_level,

gSecLib_CCM_Decrypt_c);

元の投稿で解決策を見る

andrewfitzsimon · ‎08-22-2016

Ok, I have found how to use the basic AES_128_CCM() function to encrypt data for the ZigBee network payload.

To encrypt use:

AES_128_CCM(

pointer_to_payload,

length_of_payload,

pointer_to_network_aux_header,

length_of_network_aux_header,

pointer_to_nonce,

size_of_nonce,

pointer_to_aes_128_key,

pointer_to_payload,

pointer_to_payload + length_of_network_aux_header + length_of_payload,

security_level,

gSecLib_CCM_Encrypt_c);

To decrypt:

AES_128_CCM(

pointer_to_payload,

length_of_payload - length_of_mic,

pointer_to_nwk_aux_header,

length_of_nwk_aux_header,

pointer_to_nonce,

length_of_nonce,

pointer_to_aes_128_key,

pointer_to_payload,

pointer_to_payload + length_of_nwk_aux_header + length_of_payload - length_of_mic,

security_level,

gSecLib_CCM_Decrypt_c);

andrewfitzsimon · ‎05-03-2016

112 views and no responses... Is anyone out there??

freshmango90 · ‎05-06-2016

Hey Andrew,

Most of the views may not be the employees, which has all the answers you need. Be patient.

On the side note however, funny how you bring it up. I have emailed San Juan Software many times last year trying to ask for the Zigbee example code that was provided by Drew Gislason and they never got back to me. The book is called "Zigbee Wireless Networking" and it points us to the website that is currently expired for many years now. ( http://zigbookexamples.com/code )

I would really appreciate if you could contact someone and provide me the example code. I bought the book, and I'm not satisfied at all because I felt like I missed out a lot due to lack of the example code. To be honest, it was a good book, but incomplete without the code.

Thanks in advance

andrewfitzsimon · ‎08-22-2016

Hi freshmango,

Unfortunately that book is no longer up to date with the latest ZigBee standards, and the example code is out of date. Try emailing support@sanjuansw.com again with your request.

How do I secure a ZigBee network payload?

How do I secure a ZigBee network payload?

Bee Stack (ZigBee) Software

KW2xD