Introduction to Zigbee Security: Part 1

Introduction to Zigbee Security: Part 1Introduction

ZigBee is an open-source wireless technology used for low-power embedded devices (radio systems) to facilitate efficient and effective communication between machines (typically 10-100 meters apart) while maintaining a low cost. ZigBee is built on the IEEE 802.15.4 standard and is supported by the ZigBee Alliance (a consortium aimed at standardizing the ZigBee protocol). The ZigBee Alliance has three network specifications: ZigBee Pro, ZigBee RF4CE, and ZigBee IP. The ZigBee Alliance also releases application profiles such as ZigBee Home Automation and ZigBee Smart Energy, allowing different device classes to interoperate.

This article explores the available network topologies of the ZigBee protocol, stack layout, and the core logical devices of a ZigBee network. Understanding the general components of the ZigBee protocol is crucial for performing ZigBee security analysis and testing.

Introduction to Zigbee Security: Part 1Protocol Stack Overview

The ZigBee protocol stack consists of four layers:

· Physical Layer

· Media Access Control (MAC) Layer

· Network Layer (NWK)

· Application Layer (APL)

As shown in Figure 1 below. Each layer provides a set of services exposed to the upper layers through service access points. The physical and MAC layers are governed by the IEEE 802.15.4 standard, while the network and application layers are governed by ZigBee standards.

Introduction to Zigbee Security: Part 1

Figure 1: Overview of ZigBee Protocol Stack Architecture

Application Layer (APL)

It consists of the ZigBee Device Object (ZDO), Application Support Sublayer (APS), and Application Framework.

· The ZigBee Device Object (ZDO) is an application that implements ZigBee end devices, ZigBee routers, and ZigBee coordinators using network and application support layer primitives. It provides the interface between application objects, device profiles, and APS. ZDO is responsible for initializing APS, NWK, and security service providers. It assembles configuration information from end applications to determine and implement device and service discovery, security management (key loading, key establishment, key transfer, and authentication), network management (network discovery, leaving/joining the network, resetting network connections, and creation), binding, node, and group management. The ZigBee Device Object (ZDO) manages the security policies and configurations of the devices.

· APS provides the interface between NWK and APL. It offers services for establishing and maintaining secure relationships. Services are provided through APS Data Entities (APSDE: provides data transmission services between application entities) and APS Management Entities (APMSE: provides security services, device binding, and group management). The APS layer is based on frame security using link keys or network keys. The APS layer is responsible for securely transmitting outgoing frames and securely receiving incoming frames, as well as the processing steps required to securely establish and manage encryption keys. The upper layers control the management of encryption keys by issuing primitives to the APS layer.

· The Application Framework is the environment that hosts application objects (up to 254 can be defined). These are typically application objects defined by manufacturers. It defines the application profiles (message protocols, message formats, and processing operations that allow developers to create interoperable distributed applications using application entities residing on different devices) and clusters.

Introduction to Zigbee Security: Part 1Network Layer (NWK)

The Network Layer ensures the correct operation of the IEEE 802.15.4-2003 MAC sublayer and provides appropriate service interfaces to the application layer. It connects to the application layer through data entities (NLDE: generates network-level PDUs, provides topology-specific routing and security) and management entities (NLME: configures new devices, starts networks, executes joining, rejoining, and leaving network functions, provides addressing functions, neighbor discovery, routing discovery, receive control, and routing). The NWK layer is responsible for the processing steps required for securely transmitting outgoing frames and securely receiving incoming frames. The frame protection mechanism of the NWK layer uses the Advanced Encryption Standard (AES) and CCM* (Counter with CBC-MAC) for authentication and confidentiality.

Introduction to Zigbee Security: Part 1MAC Layer

The MAC layer’s responsibilities include controlling access to the radio channel through the CSMA-CA mechanism, sending beacon frames, synchronization, and providing reliable transmission mechanisms. There are four types of MAC frames: data frames, beacon frames, acknowledgment frames, and MAC command frames. The security of this layer is based on the enhanced IEEE 802.15.4 standard using CCM*, providing only encryption and integrity features. CCM is an enhanced counter encryption scheme with CBC-MAC mode operation. The upper layer sets the MAC layer default key to the active network key of the MAC layer and the MAC layer link key to any link key from the upper layer.

Introduction to Zigbee Security: Part 1Physical Layer

It operates in two separate frequency ranges: 868/915 MHz and 2.4 GHz. The physical layer is responsible for packet generation, packet reception, data transparency, and power management.

Introduction to Zigbee Security: Part 1ZigBee Function Descriptor

The ZigBee Device Object defines three types of logical devices, each with specific roles as shown in Figure 2:

Introduction to Zigbee Security: Part 1

Figure 2: ZigBee Function Descriptor

· ZigBee Coordinator: The device responsible for establishing, executing, and managing the entire ZigBee network. It is responsible for configuring the network’s security level and configuring the trust center’s address (the default is the ZigBee coordinator’s own address; otherwise, the ZigBee coordinator can specify a backup trust center). The ZigBee coordinator also maintains a list of currently associated devices and facilitates support for isolated scanning and rejoining processes, enabling previously associated devices to rejoin the network. There can only be one coordinator per network, so it can never be put into sleep mode (there may be no coordinator in the network). The coordinator can also act as a router if needed.

Note: The ZigBee Trust Center is an application running on other trusted devices in the ZigBee network, used for distributing keys for network and end-to-end application configuration management. The Trust Center can be a coordinator device or a device designated as a trust center by the Zigbee network coordinator.

All members of the network recognize only one trust center, and there is only one trust center in each security network. It is configured to operate in standard or high-security mode and can assist in establishing end-to-end application keys by directly sending link keys (i.e., key management function) or sending master keys. These keys are randomly generated.

· Standard Mode: Designed for residential applications. In this mode, the trust center maintains a list of all devices in the network, master keys, link keys, and network keys; however, it maintains a standard network key and controls the policy for network access. In this mode, each securely joining network device should have a global link key or unique link key, depending on the application used. It is necessary for the trust center to know the value and type of the link key (global or unique) in advance, which facilitates the secure joining of devices to the network.

· The advantage of the global link key is that the memory required by the trust center does not grow with the number of devices in the network.

· The unique link key has the advantage of being unique for each device on the network and can protect application communication from other devices on the network.

Both types of keys can be used on the network, but a device can only use one type of key when using device key pairs.

· High-Security Mode: Designed for high-security commercial applications. In this mode, the trust center maintains a list of devices, master keys, link keys, and network keys to control and enforce network key updates and network access policies. It also requires the use of SKKE and entity authentication to achieve key establishment.

· ZigBee Router: An intermediate node device responsible for routing packets between end devices or between end devices and coordinators. If security is enabled on the network, the router requires permission from the trust center to join the network and can also be used as an end device. In some cases, routers can allow other routers and end devices to join the network and will maintain a list of currently associated devices and facilitate support for isolated scanning and rejoining processes, enabling previously associated devices to rejoin the network. Since routers link multiple parts of the network, they cannot enter sleep mode.

· ZigBee End Device: Typically a sensor node device that monitors and collects environmental data. Unlike routers or coordinators, end devices are low-power or battery-operated. Therefore, if a router or coordinator is not used as an end device, they can be briefly put into sleep mode to save power when there is no activity to monitor. If a router or coordinator is not used as an end device, the end device cannot route traffic or allow other nodes to join the network.

Introduction to Zigbee Security: Part 1Network Topology

ZigBee supports three types of Personal Area Network (PAN) topologies, and the choice of topology must consider which nodes are line-powered or battery-powered, expected battery life, required network traffic, delay requirements, solution costs, etc. Zigbee topologies include:

· Star Topology: In this topology (Figure 3 below), there are no routers, and the coordinator is responsible for routing packets in the network, starting, and maintaining devices on the network. End devices can only communicate through the coordinator.

Disadvantage: Single point of failure. A failure of the coordinator can lead to the entire network shutting down. The star center can become a bottleneck for network bandwidth.

Introduction to Zigbee Security: Part 1

Figure 3: Star Topology

· Tree Topology: In this topology (Figure 4 below), the coordinator acts as the root node responsible for establishing the network and selecting certain key network parameters. Routers can be child nodes of the coordinator or other routers and are responsible for moving data through the network using a hierarchical routing strategy and controlling messages. End devices can be child devices of the coordinator or routers and can only communicate with another end device through the router or coordinator. Tree topology networks can adopt beacon-oriented communication based on the IEEE 802.15.4 standard.

Disadvantage: If the parent node shuts down, child nodes will be inaccessible.

Introduction to Zigbee Security: Part 1

Figure 4: Tree Topology

· Mesh Topology: Also known as self-healing topology (Figure 5 below), supports complete peer-to-peer communication. It has a coordinator, multiple routers for extending the network, and optional end devices. The coordinator is responsible for establishing the network and selecting certain key network parameters. In this topology, routers can be used as end devices but cannot issue beacons. Because it is self-healing, a failure of the coordinator does not lead to a single point of failure, and link failures are least likely to occur.

Disadvantage: Complex and difficult to set up, especially with overhead on nodes.

Introduction to Zigbee Security: Part 1

Figure 5: Mesh Topology

Note: The ZigBee standard does not support cluster tree topologies as the IEEE 802.15.4 standard does.

Introduction to Zigbee Security: Part 1Conclusion

Over the years, the popularity of the ZigBee protocol has achieved leapfrog development. At the same time, security attacks on devices supporting ZigBee are gradually increasing. Its applications in personal homes, hospital care, commercial building automation, etc., necessitate the assessment of the security of the ZigBee protocol, where attacks on critical devices such as pacemakers can be life-threatening. This article outlines the ZigBee protocol and its network components, knowledge that is a prerequisite for understanding ZigBee security and penetration testing. For more information on network setup and other related functionalities, please refer to the Zigbee specification documents. The next article, ZigBee Security: Fundamentals (Part 2), discusses the security features provided by the ZigBee standard.

References

[1] ZigBee specification document 053474r20. Provided by the ZigBee Alliance.

[2] Figure 2: https://mmbnetworks.atlassian.net/wiki/spaces/SKB/pages/39518242/Zigbee+Network+Concepts

[3] Figure 3: http://vlssit.iitkgp.ernet.in/ant/ant/10/theory/

[4] Figure 4: http://www.informit.com/articles/article.aspx?p=1409785&seqNum=4

[5] Figure 5: https://www.certsi.es/en/blog/security-zigbee-communications

Introduction to Zigbee Security: Part 1

Introduction to Zigbee Security: Part 1

Leave a Comment