CC2538: Preventing zigbee devices from Replay attacks

Part Number: CC2538
Other Parts Discussed in Thread: Z-STACK

Hello,

Replay attacks

A replay attack is a kind of key-based attack where the attacker records approved traffic on a network and replays it at a later time to cause malicious effects. These attacks are straightforward in the case of Zigbee devices which do not implement strong encryption or do not implement encryption for communication at all. Replay attacks can be evaded with the use and implementation of a freshness counter. With these counters implemented, every packet of data which gets transmitted is assigned a freshness number and the counter is thus incremented for every such packet of data, and these packets get accepted only if their count is greater than that of the freshness counter measuring their count.

Is there any concept of a freshness counter or similar in Z-Stack?

How can these kinds of attacks be prevented in Z-Stack?

  • Yes, Zigbee has a NWK frame counter as part of the NWK security header. Z-Stack devices are designed to ignore packets that do not have a higher incoming NWK frame counter than the previous one that was recorded for that device, and since the NWK frame counter value is encrypted, a malicious device would need to know the NWK key to do anything bad.
  • You mean a replay attack is not possible on any Zigbee devices, so we don't have to worry about replay attacks?
    Please mention if any extra points need to be taken care of for this.
  • It’s possible to do this replay attack, but not easy. If a hacker wants to break the system, it’s easier to jam the RF system than to do a replay attack. I wonder why a hacker would need to waste such effort to do so.
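
The incoming frame counter check described in the first reply, as an added example that is not part of the original thread and not Z-Stack source code. The table size, all names, and the `mic_ok` flag (standing in for the frame's integrity check under the NWK key) are assumptions; the point it adds is that the stored counter only moves for frames that passed that check.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_PEERS 8   /* hypothetical table size */

typedef struct {
    uint8_t  ext_addr[8];    /* sender's 64-bit IEEE address */
    uint32_t last_counter;   /* highest frame counter accepted from this sender */
    bool     in_use;
} peer_entry_t;

typedef enum { FRAME_ACCEPT, FRAME_REPLAY, FRAME_BAD_MIC, FRAME_TABLE_FULL } frame_result_t;

static peer_entry_t peers[MAX_PEERS];

/* Decide whether a received frame is fresh.
 * mic_ok: result of the integrity check with the network key (assumed to be
 * computed by the caller before this function is reached). */
frame_result_t check_incoming(const uint8_t ext_addr[8], uint32_t counter, bool mic_ok)
{
    peer_entry_t *free_slot = NULL;

    /* An unauthenticated frame must never advance the stored counter,
     * otherwise a forged high value would lock out the real sender. */
    if (!mic_ok)
        return FRAME_BAD_MIC;

    for (size_t i = 0; i < MAX_PEERS; i++) {
        if (peers[i].in_use && memcmp(peers[i].ext_addr, ext_addr, 8) == 0) {
            /* Not strictly higher than the last recorded value: drop.
             * This also rejects any wrap-around after 0xFFFFFFFF. */
            if (counter <= peers[i].last_counter)
                return FRAME_REPLAY;
            peers[i].last_counter = counter;
            return FRAME_ACCEPT;
        }
        if (!peers[i].in_use && free_slot == NULL)
            free_slot = &peers[i];
    }

    /* First authenticated frame from this sender: start tracking it. */
    if (free_slot == NULL)
        return FRAME_TABLE_FULL;
    memcpy(free_slot->ext_addr, ext_addr, 8);
    free_slot->last_counter = counter;
    free_slot->in_use = true;
    return FRAME_ACCEPT;
}
```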