How do I secure a ZigBee network payload?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How do I secure a ZigBee network payload?

Jump to solution
2,676 Views
andrewfitzsimon
Contributor II

Hello,

I am writing an application (on the KW2x platform) that requires the network payload of my ZigBee data message to be be encrypted with ENC-MIC-32 and no MAC security.

I have ported my code from BeeKit to Kinetis MKW2xD and MCR20A Connectivity Software (REV 1.0.0).

Previously I had been using SecLib_CcmStar(). In the new middleware I cannot find this or a similar function.

I did some grep'ing and found AES_128_CCM_Star() tucked away in a library, but there is no interface for it and I am unable to determine if I am using it properly.

Are there any references that use this level of security?

Thanks,

Andrew Fitzsimons

San Juan Software

Labels (2)
1 Solution
2,078 Views
andrewfitzsimon
Contributor II

Ok, I have found how to use the basic AES_128_CCM() function to encrypt data for the ZigBee network payload.

To encrypt use:

AES_128_CCM(

pointer_to_payload,

length_of_payload,

pointer_to_network_aux_header,

length_of_network_aux_header,

pointer_to_nonce,

size_of_nonce,

pointer_to_aes_128_key,

pointer_to_payload,

pointer_to_payload + length_of_network_aux_header + length_of_payload,

security_level,

gSecLib_CCM_Encrypt_c);

To decrypt:

AES_128_CCM(

pointer_to_payload,

length_of_payload - length_of_mic,

pointer_to_nwk_aux_header,

length_of_nwk_aux_header,

pointer_to_nonce,

length_of_nonce,

pointer_to_aes_128_key,

pointer_to_payload,

pointer_to_payload + length_of_nwk_aux_header + length_of_payload - length_of_mic,

security_level,

gSecLib_CCM_Decrypt_c);

View solution in original post

0 Kudos
Reply
4 Replies
2,079 Views
andrewfitzsimon
Contributor II

Ok, I have found how to use the basic AES_128_CCM() function to encrypt data for the ZigBee network payload.

To encrypt use:

AES_128_CCM(

pointer_to_payload,

length_of_payload,

pointer_to_network_aux_header,

length_of_network_aux_header,

pointer_to_nonce,

size_of_nonce,

pointer_to_aes_128_key,

pointer_to_payload,

pointer_to_payload + length_of_network_aux_header + length_of_payload,

security_level,

gSecLib_CCM_Encrypt_c);

To decrypt:

AES_128_CCM(

pointer_to_payload,

length_of_payload - length_of_mic,

pointer_to_nwk_aux_header,

length_of_nwk_aux_header,

pointer_to_nonce,

length_of_nonce,

pointer_to_aes_128_key,

pointer_to_payload,

pointer_to_payload + length_of_nwk_aux_header + length_of_payload - length_of_mic,

security_level,

gSecLib_CCM_Decrypt_c);

0 Kudos
Reply
2,078 Views
andrewfitzsimon
Contributor II

112 views and no responses... Is anyone out there??

2,078 Views
freshmango90
Contributor III

Hey Andrew,

Most of the views may not be the employees, which has all the answers you need. Be patient.

On the side note however, funny how you bring it up. I have emailed San Juan Software many times last year trying to ask for the Zigbee example code that was provided by Drew Gislason and they never got back to me. The book is called "Zigbee Wireless Networking" and it points us to the website that is currently expired for many years now. ( http://zigbookexamples.com/code​ )

I would really appreciate if you could contact someone and provide me the example code. I bought the book, and I'm not satisfied at all because I felt like I missed out a lot due to lack of the example code. To be honest, it was a good book, but incomplete without the code.

Thanks in advance

2,078 Views
andrewfitzsimon
Contributor II

Hi freshmango,

Unfortunately that book is no longer up to date with the latest ZigBee standards, and the example code is out of date. Try emailing support@sanjuansw.com again with your request.

0 Kudos
Reply