zigbee security

Hi KEERTHI G,

Sorry you because that's a question rather than a answer.
Which sample you base on?
Did you just have those setting "SECURE = 1, zgPreConfigKeys = TRUE, Default Key" that you could enable security of Z-Stack?
How you can know the security is enabled or not?

Thank you,
Best Regards.

Hi Friend,
I have used sampleapp.
I have followed the procedure given in zstack developer guide.


The devices without enabled the security couldn't send and receive data from coordinator or other devices within security enabled (network).


Regards,
Keerthi G.

You can check ZDApp_ProcessNetworkJoin(). If my memory is correct, device would do reset if security enable but authentication fail.

Hi KEERTHI G,

Thanks for your answer.

"The devices without enabled the security couldn't send and receive data from coordinator or other devices within security enabled (network).". You mean devices can join the network but it can not communication with each other, right?

Second, you can give me detail how you implement the security, which z-stack version used? you mentioned about sampleapp, it means samplelight or sampleswitch or another?

Thanks you,

Best Regards.

Hi Chen,
It is correct.
The device connect and disconnect again and again because of authentication fail.

I have one more doubt and already mentioned in first post.

I have set SECURE =0 in end device and SECURE = 1 in coordinator.

The end device was connected to coordinator but data transfer are not working.

How end device connected to coordinator?

Is it possible ?


Regards,
Keerthi G.

Hi Tung Dao,

You mean devices can join the network but it can not communication with each other, right?

It happened in my testing. But I don't know whether it is possible or not.

 

Second, you can give me detail how you implement the security, which z-stack version used? you mentioned about sampleapp, it means samplelight or sampleswitch or another?

 

I am using MSP430F5438 Experimenter Board with cc2520. 

IAR version is 5.60.6.

ZStack-EXP5438-2.5.1 

I am using zstack\Samples\SampleApp project.

I just followed the procedure which is mentioned in zstack developer guide (Security section).

1) SECURE = 1 (Preprocessor directive present in f8wConfig.cfg)

2) zgPreConfigKeys = TRUE ( present in ZGlobals.c )

3) I have changed the default key as per my wish.(present in f8wConfig.cfg) 

It has many steps. i have followed only above three. 

For more information please refer Security section in zstack developer guide .

Regards,

Keerthi G.

 

Hi Chen,

Thanks You.

Regards,

Keerthi G.

Hi KEERTHI G,

I still cannot implement security for my system. I did follow steps at both ZC and ZE side:
1. Edit preprocessors: SECURE=1, TC_LINKKEY_JOIN
2. zgPreConfigKeys = TRUE
3. Edit DEFAULT_TCLK_KEY

I guess that problem is the Transport Key Process because I got the failed result from APSME_TransportKeyReq() function, why this function return failed value?

Hi Tung Dao,

I have used the SamplaApp project which is private profile.

The location is zstack\Samples\SampleApp\EXP5438SampleApp.eww

For Public profile, There is different procedure to implement the security.

Which project did you used for this?

Regards,

Keerthi G.

I use Z-Stack 1.20, Home Automation profile and sample SampleSwitch.eww

Hi Tung,
When you want to use TC_LINK_KEY, you should keep zgPreConfigKeys = FALSE.

Hi Yikai Chen,

I have read the "Security" section of "Z-Stack Developer's Guide" but I still not clear about Zigbee Security.
1. Z-Stack supported 2 kind of key, there are Network key (default key) and Trust Center Link Key (TCLK)
2. What is the role of network key and TCLK? and can we apply both these keys in one device?

Please help me make clear these points.

Thank you,
Tung Dao.

You can refer to Zigbee alliance presentation at https://docs.zigbee.org/zigbee-docs/dcn/09/docs-09-5378-00-0mwg-zigbee-security.pdf