
A dangerous bug in Z-Stack concerning the security key


In the current Z-Stack, the trust key is sent to a node like this. When a new node joins (associate or unsecured rejoin), the parent requests the key for the new node from the Trust Center (the coordinator itself) 600 ms (ZDAPP_NEW_DEVICE_TIME) later.

But if this node does not have the correct key and is not supposed to join the current network, the parent still keeps its information in AssociatedDevList and AddrMgr. So when a great many nodes without the correct key join the network, the network breaks down.

I suggest changing it like this. The parent requests the key from the Trust Center as soon as it receives the join request (associate or unsecured rejoin). Once the node gets the correct key, it can be considered to have joined successfully and will broadcast ZDO_DEVICE_ANNCE. 600 ms later, when the parent triggers the ZDO_NEW_DEVICE event, it verifies whether it has received the node's ZDO_DEVICE_ANNCE. If the parent has never received the node's ZDO_DEVICE_ANNCE, the parent deletes this node.

  • Hi Aries,

    Thanks for the valuable analysis and suggestion. That issue can be resolved by the child aging mechanism. Please search for ZIGBEE_CHILD_AGING in the Z-Stack code and take a look. Please note that the child aging mechanism included in the current version of Z-Stack is TI proprietary, and the future version of Z-Stack based on the ZigBee core spec r21 will provide the ZigBee standard child aging mechanism.

    - Cetri

  • Child aging can only deal with end devices, not routers. Worse, the coordinator will allocate an AddrMgr entry as security for this unauthenticated router.

  • Hi Aries,

    Have you checked the AddrMgr table entries after an authentication failure? If a joining device fails to be authenticated, the short address and the extended address of that device are still in an entry, but the 'ctrl' field is set to 0, which means that entry can be used by another device at any time. In other words, that entry is not actually occupied.

    - Cetri
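As an added example (not Z-Stack code and not written by anyone in the thread), here is a parent-side model of the bookkeeping Aries proposes: a slot is reserved when the join request arrives, promoted when the child's ZDO_DEVICE_ANNCE is received, and released by the ZDO_NEW_DEVICE timer if no announce arrived in time. The released slot is then reusable even though the addresses are still stored in it, which is the same distinction Cetri draws for an AddrMgr entry whose 'ctrl' field is 0. The table, the state names and the function names are hypothetical; only the 600 ms ZDAPP_NEW_DEVICE_TIME value is taken from the thread, and the table is kept to four slots so that exhaustion shows up in the scenario.

```c
/* Added example, not Z-Stack code. Table, states and function names are
 * hypothetical; NEW_DEVICE_TIME_MS mirrors ZDAPP_NEW_DEVICE_TIME (600 ms). */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ASSOC_MAX           4     /* small on purpose: shows table exhaustion */
#define NEW_DEVICE_TIME_MS  600   /* ZDAPP_NEW_DEVICE_TIME quoted in the thread */

/* SLOT_FREE plays the role of ctrl == 0: addresses may still be in the slot,
 * but nothing owns it and the next joiner may take it. */
enum slot_state { SLOT_FREE = 0, SLOT_PENDING_ANNCE, SLOT_AUTHENTICATED };

struct assoc_entry {
    uint16_t        short_addr;
    uint64_t        ext_addr;
    enum slot_state state;
    uint32_t        join_time_ms;  /* when the join request arrived */
};

static struct assoc_entry assoc_table[ASSOC_MAX];

static struct assoc_entry *assoc_find(uint16_t short_addr)
{
    for (int i = 0; i < ASSOC_MAX; i++)
        if (assoc_table[i].state != SLOT_FREE &&
            assoc_table[i].short_addr == short_addr)
            return &assoc_table[i];
    return NULL;
}

void assoc_reset(void) { memset(assoc_table, 0, sizeof assoc_table); }

/* Associate or unsecured rejoin request. In the proposal the parent asks the
 * Trust Center for the key right here. Returns 0 on success, -1 if full. */
int assoc_on_join_request(uint16_t short_addr, uint64_t ext_addr, uint32_t now_ms)
{
    if (assoc_find(short_addr))
        return 0;                  /* repeated request keeps the existing slot */
    for (int i = 0; i < ASSOC_MAX; i++) {
        struct assoc_entry *e = &assoc_table[i];
        if (e->state == SLOT_FREE) {
            e->short_addr   = short_addr;
            e->ext_addr     = ext_addr;
            e->state        = SLOT_PENDING_ANNCE;
            e->join_time_ms = now_ms;
            return 0;
        }
    }
    return -1;
}

/* ZDO_DEVICE_ANNCE from a child: only a pending child is promoted. */
bool assoc_on_device_annce(uint16_t short_addr)
{
    struct assoc_entry *e = assoc_find(short_addr);
    if (!e || e->state != SLOT_PENDING_ANNCE)
        return false;
    e->state = SLOT_AUTHENTICATED;
    return true;
}

/* ZDO_NEW_DEVICE timer: release every slot still pending after the window.
 * Returns how many slots were released. */
int assoc_on_new_device_timer(uint32_t now_ms)
{
    int released = 0;
    for (int i = 0; i < ASSOC_MAX; i++) {
        struct assoc_entry *e = &assoc_table[i];
        if (e->state == SLOT_PENDING_ANNCE &&
            now_ms - e->join_time_ms >= NEW_DEVICE_TIME_MS) {
            e->state = SLOT_FREE;  /* addresses stay, ownership is dropped */
            released++;
        }
    }
    return released;
}

int assoc_count(enum slot_state s)
{
    int n = 0;
    for (int i = 0; i < ASSOC_MAX; i++)
        if (assoc_table[i].state == s)
            n++;
    return n;
}

/* Constructed scenario: four joiners fill the table, a fifth is refused,
 * only 0x0002 ever announces, the timer frees the other three. */
int main(void)
{
    assoc_reset();
    for (uint16_t a = 1; a <= 4; a++)
        assoc_on_join_request(a, 0x00124B0000000000ULL + a, 0);
    printf("fifth join while full: %d\n",
           assoc_on_join_request(5, 0x00124B0000000005ULL, 100));
    assoc_on_device_annce(0x0002);
    printf("released at 600 ms: %d\n", assoc_on_new_device_timer(600));
    printf("authenticated %d, free %d\n",
           assoc_count(SLOT_AUTHENTICATED), assoc_count(SLOT_FREE));
    return 0;
}
```

The announce is usable as evidence of a completed join because, in a secured ZigBee network, the NWK layer drops frames that are not protected with the network key, so a device that never received the key cannot get an announce accepted. Bounding the pending state to one ZDAPP_NEW_DEVICE_TIME window is what keeps an unauthenticated joiner from holding a slot indefinitely, which is the exhaustion Aries describes.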