AnsweredAssumed Answered

Is there a mechanism for generate link key for zigbee 3.0?like this.

Question asked by Teddy Zheng on Oct 19, 2018
Latest reply on Nov 9, 2018 by Estephania Martinez

(JN516x, JN-SW-4170)

If the link key stored in RAM or Flash, application need to create a large table for storage.

How to solve problems with too many nodes?

Like the below?

 --------------------------------------------------------------------------------------------------

Hashed Link Keys are a shortcut for unique link key storage on devices with constrained key table capacity.  They facilitate pseudo-random link keys by hashing the remote's EUI64 with a given Master Key (chosen by the centralized Trust Center and stored in the Global Link Key slot of TOKEN_STACK_TRUST_CENTER's data) using the AES HMAC algorithm.  Derivation of the key can then be done "just in time" for decryption or encryption as long as the Trust Center knows the remote node's EUI64.  Note that because there is no permanent storage of these hashed keys on the Trust Center, there is also no memory of incoming APS frame counters, so this method has a vulnerability of APS replay attacks.  Also note that the hashing only occurs on the Trust Center side, where many keys may be needed.  Other nodes receive this Trust Center Link Key upon request from the TC and treat it like any other "randomly" derived TCLK.

----------------------------------------------------------------------------------------------

OR...

When a link key is needed for decryption,  generte a event or callback to application in NXP stack?

I think this is a easier ways about NXP.

Outcomes