Zigbee Security
Presented by Mehul Kumar
What is Zigbee?
• ZigBee is a standard for personal-area networks
• It aims to provide a low-cost, low-power, two-way,
reliable wireless communications standard for
short-range applications.
Zigbee Areas of Operation
• Remote Control
• Input Devices
• Home Automation
• Building Automation
• Health Care
• Telecom Services
• Retail Services
• Smart Energy
Zigbee Security: The Basics
• Complex Security Measures
• Ensure Key Establishment, Secure Networks, Key
Transport and Frame Security
• Based on an "open trust" model: all protocol stack layers
trust each other
• Cryptographic protection only occurs between devices
Zigbee Stack Layers
• Physical Layer (PHY)
• Medium Access Control (MAC)
• Network Layer (NWK)
• Application Layer (APL)
Zigbee Security: Network Key
• Network key is used to secure broadcast communication.
• This 128-bit key is shared among all devices in the
network.
• Usually multiple network keys are stored by the Trust
Center, but only one network key is the active network
key.
• The current active network key is identified by a sequence
number and may be used by the NWK and APL layers of
a device.
• A device must acquire a network key via key-transport or
Zigbee Security: Link Key
• Link key is used to secure unicast communication at the
Application layer.
• This 128-bit key is shared only between two devices.
• Link keys are acquired via key-transport,
key-establishment, or preinstallation (for example, during
factory installation).
Network Layer Security
• The ZigBee Network Layer protects transmitted frames
with AES in CCM mode and a 128-bit key: the frames are
encrypted, and their integrity is ensured by a cipher block
chaining message authentication code (CBC-MAC).
Application Support Sublayer Security
• If a frame originated by the APS layer needs to be
secured, the APS layer is responsible for the proper
protection of the frame.
• The APS layer allows frame security to be based on link
keys or the network key.
• If the active network key is to be used for frame
protection, the APS layer first checks whether the frame
will be protected at the NWK layer.
• If so, the frame is simply passed to the NWK layer, which
performs the frame protection.
Application Support Sublayer Security
• ZigBee Security is based on the assumption that keys are
securely stored and that devices are pre-loaded with
symmetric keys, so that keys never have to be transmitted
unencrypted.
• If a non-preconfigured device joins a network, a single key
may be sent unprotected to enable encrypted
communication. [Brief Exploit Window]
• Physical Access can Compromise the Network
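A defender can audit captured APS frames for the unprotected key transport described above. This is an added example, not part of the original presentation; the frame layout (security flag in frame-control bit 5, Transport-Key command id 0x05, key type 0x01, field order) is an assumption about the APS command format, and the sample frames are constructed.

```python
from dataclasses import dataclass
from typing import List, Optional

# Assumed APS field values (not given in the slides).
APS_FRAME_TYPE_MASK = 0x03    # frame-control bits 0-1
APS_FRAME_TYPE_CMD = 0x01     # APS command frame
APS_SECURITY_BIT = 0x20       # frame-control bit 5: APS security in use
APS_CMD_TRANSPORT_KEY = 0x05  # Transport-Key command identifier
KEY_TYPE_NETWORK = 0x01       # standard network key
KEY_LEN = 16                  # 128-bit key


@dataclass
class Finding:
    aps_counter: int
    key_seq: int     # sequence number identifying the network key
    dest_eui64: str  # device the key was sent to


def audit_aps_frame(frame: bytes) -> Optional[Finding]:
    """Flag a Transport-Key command that carries a network key without
    APS security. The key bytes themselves are never returned."""
    if len(frame) < 3:
        return None
    frame_control, counter = frame[0], frame[1]
    if (frame_control & APS_FRAME_TYPE_MASK) != APS_FRAME_TYPE_CMD:
        return None  # data or acknowledgement frame
    if frame_control & APS_SECURITY_BIT:
        return None  # APS-secured: payload is encrypted, nothing to flag
    if frame[2] != APS_CMD_TRANSPORT_KEY:
        return None
    body = frame[3:]
    # key type (1) | key (16) | key sequence number (1) | dest EUI-64 (8) | src EUI-64 (8)
    if len(body) < 1 + KEY_LEN + 1 + 8 + 8 or body[0] != KEY_TYPE_NETWORK:
        return None
    key_seq = body[1 + KEY_LEN]
    dest = body[2 + KEY_LEN:10 + KEY_LEN]
    # Addresses are little-endian on the air; show most significant byte first.
    return Finding(counter, key_seq, dest[::-1].hex(":"))


def audit_capture(frames: List[bytes]) -> List[Finding]:
    """Run the check over every frame and keep only the findings."""
    return [f for f in map(audit_aps_frame, frames) if f is not None]


def _constructed_transport_key(frame_control: int, counter: int, key_seq: int) -> bytes:
    key = bytes(KEY_LEN)  # all-zero placeholder, not a real key
    dest = bytes.fromhex("0102030405060708")
    src = bytes.fromhex("1112131415161718")
    return (bytes([frame_control, counter, APS_CMD_TRANSPORT_KEY, KEY_TYPE_NETWORK])
            + key + bytes([key_seq]) + dest + src)


# Constructed sample frames (not from a real capture).
SAMPLE_FRAMES = [
    _constructed_transport_key(0x01, 0x10, 0x02),  # network key, no APS security
    bytes([0x21, 0x11]) + bytes(40),               # APS-secured command, opaque
    bytes([0x00, 0x12, 0x01, 0x02, 0x03]),         # APS data frame
    bytes([0x01, 0x13, 0x05, 0x01]) + bytes(8),    # truncated Transport-Key
]

if __name__ == "__main__":
    for finding in audit_capture(SAMPLE_FRAMES):
        print(f"unprotected network key transport: seq={finding.key_seq} "
              f"to {finding.dest_eui64} (APS counter {finding.aps_counter})")
```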
Extras
• ZigBee Home Automation Public Application Profile
(HAPAP)
• ZigBee Light Link Profile (ZLL)
• SECBEE
Conclusion
• Device Tampering
• Key Transport & Establishment
• Key Rotation
