Restrict Sensor Pairing To Specific Controller

You can enable security and change KEY_TABLE_DEFAULT_KEY in config.h to use your own network key to do this.

I changed the following to intentionally mismatch the keys defined in sensor and collection, however my sensor node is still able to connect to the collector and transmit data

/*! Setting Default Key*/
#define KEY_TABLE_DEFAULT_KEY {0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,\
                               0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}

Try to erase the flash and test again.

I did the test again with "Erase -> All unprotected pages" check in SmartRF programmer (for both sensor and collector), but the result is the same. Is there anything else in the code that I need to change for this key mechanism to take effect?

Thanks

Do you enable security?

How do I do that?

Set "#defineCONFIG_SECURE true" in config.h. I just test on collector and sensor examples of TI 15.4 MAC and they work as expected.

Hi Chen,

Thanks I got it working., It was a problem in my code.

I however have another question,

When the sensor sends the association request to the collector, I presume the network key is part of that association request and if it does not match the network key of the controller, the association request is denied.

With this logic i modified the code as such

static ApiMac_assocStatus_t cllcDeviceJoiningCB(
                ApiMac_deviceDescriptor_t *pDevInfo,
                ApiMac_capabilityInfo_t *pCapInfo)
{
    ApiMac_assocStatus_t status;

    /* Make sure the device is in our PAN */
    if(pDevInfo->panID == devicePanId)
    {
        /* Update the user that a device is joining */
        status = Csf_deviceUpdate(pDevInfo, pCapInfo);
        if(status==ApiMac_assocStatus_success)
        {
            /* Add device to security device table */
        	ApiMac_status_t ret =  Cllc_addSecDevice(pDevInfo->panID,
                              pDevInfo->shortAddress,
                              &pDevInfo->extAddress, 0);

            Util_setEvent(&Collector_events, COLLECTOR_CONFIG_EVT);

			#if defined(ENABLE_UART)
            if(ret == ApiMac_status_success)
			{
            	CUSTOM_UART_write_string("*** Sensor mote association OK", 1);
			}
            else
            {
            	CUSTOM_UART_write_string("*** Sensor mote association FAIL (INCORRECT NETWORK KEY?)", 1);
            }
			#endif
        }
    }
    else
    {
        status = ApiMac_assocStatus_panAccessDenied;
    }
    return (status);
}

However no matter if the sensor/controller keys match or mismatch, I always get ApiMac_status_success as the return code from the Cllc_addSecDevice function.

Can you help me on why is that the case and if not here, where can I check for the key mismatch?

While testing I see that even if the keys do not match, the sensor is able to associate to the controller. However it cannot send any data to the controller. So i am confused weather the network key is checked while associating or on per message basis?

Thanks

It doesn't check network Key when device does association. When association is done, collector/sensor would try to decrypt exchanged messages. If message cannot be decrypted, sensor would be asked to leave.

Ok got it. So if I want this functionality, my application layer would need to handle it.

Also last question. So in an IEEE 802.15.4 network, there is no concept of a 'network id' also. The only thing that matters is that the sensor and the collector should have some channels overlapping so that when the sensor sends out association request on it's configured channels, all the PAN controllers on that channel can send out a reply and the sensor can chose what PAN ID to associate itself with. Correct?

thanks

Actually, PANID is network ID. You can assign your own PANID to both collector and sensor then senor can only join a collector network with the same PANID.

Oh got it. You are right. Thanks Chen. I really appreciate your help :)

You are welcome.