Beruflich Dokumente
Kultur Dokumente
495
496
Octets: Variable 5 or 6 Variable transaction length and transaction data. The transaction
sequence number field is eight bits in length and specifies an
Original APS Auxiliary Encrypted Encrypted message
header frame payload integrity code ˄MIC˅
identification number for the transaction so that a response
Header command frame can be related to the request frame. The
Secure frame payload = output of CCM* transaction length field is eight bits in length and specifies the
Full APS header Secured APS payload number of octets contained in the following transaction data
field. The transaction data field has a variable length, it
Figure 3. Secured APS Layer Frame Format contains primary message.
D. ZigBee Security Levels Bits: 4 4 8 8 Variable Variable 8 8 Variable
Table I lists ZigBee security levels available to the NWK,
sequence number
sequence number
Transaction data
Transaction data
and APS layers.
Transaction
Transaction
Transaction
Transaction
Frame
length
length
Transaction type ……
TABLE I. SECURITY LEVELS AVAILABLE TO THE NWK, AND APS count =0x02
LAYERS (MSG)
Transaction 1 …… Transaction n
Security Security Frame Integrity AF frame
Security Data
Level Level (length M of MIC, in ASDU
Attributes Encryption
Identifier Sub-Field Number of Octets)
Figure 4. Format of the AF frame with MSG type
0x00 ‘000’ None OFF NO (M = 0)
0x01 ‘001’ MIC-32 OFF YES (M=4)
0x02 ‘010’ MIC-64 OFF YES (M=8) B. The redefinition of the Transaction Data Field of MSG
Frame Type
0x03 ‘011’ MIC-128 OFF YES (M=16)
In order to encryption and integrity checking a data frame
0x04 ‘100’ ENC ON NO (M = 0)
of MSG type, we redefined the transaction data field of MSG
0x05 ‘101’ ENC-MIC-32 ON YES (M=4) frame type. Its format is shown as in Fig. 5.
0x06 ‘110’ ENC-MIC-64 ON YES (M=8)
Bits: 8 8 8 8 Variable
0x07 ‘111’ ENC-MIC-128 ON YES (M=16)
Transaction Key bit Real transaction
Transaction sequence. MIC data
sequence
length
The security level identifier indicates how an outgoing number
Transaction data
frame is to be secured, how an incoming frame purportedly has Transaction 1
been secured; it also indicates whether or not the payload is
Figure 5. The redefinition of the transaction data field of
encrypted and to what extent data authenticity over the frame is MSG Frame type
provided, as reflected by the length of the message integrity
code (MIC). The bit length of the MIC may take the values 0, The security material table is 32 bytes in length and is
32, 64 or 128 and determines the probability that a random divided into two groups, each 16 bytes for a group. The Key bit
guess of the MIC would be correct. Note that security level sequence is 8 bits in length, its high four bits are the sequence
identifiers are not indicative of the relative strength of the number of the first group and the low four bits are the sequence
various security levels. Also note that security levels 0 and 4 number of the second group. The MIC field is 8 bits in length
should not be used for frame security. and specifies the message integrity code. The real transaction data
field is the old transaction data.
III. THE SECURITY APPLICATION IN THE ZIGBEE APS
LAYER C. Security Processing of Frames
ZigBee security services and algorithms are complex, in If the key bit sequence field is set to 0, the MSG data is not
some simple applications, using ZigBee security modes will protected, otherwise, the security processing is described as
consume many resources, such as, memory, CPU time and follows:
managing secure data in a frame. Therefore, we use a simple 1) Define the following variables
way to encrypt and integrity checking the data packet of MSG unsigned char en[32]= // the security material
type. { 0xe2, 0x12, 0xa6, 0x8e, // the first group
0x9a, 0xf1, 0x2e, 0x3f,
A. AF Frame Format with MSG Frame Type 0xe7, 0xca, 0xb1, 0x4e,
The Application framework (AF) frame format with MSG 0x58, 0x83, 0x3a, 0xe4,
frame type is illustrated in Fig. 4. The transaction count field is 0x13, 0x23, 0x65, 0xae, // the second group
four bits in length and specifies the number of transactions. The 0x8e, 0xd4, 0x9d, 0x35,
frame type field is four bits in length and specifies the service 0x90, 0x3a, 0x63, 0x8e,
type used by each of the following transactions. The frame type 0x2a, 0x14, 0x54, 0xa2};
is MSG if this field is set to 0x02. Each transaction of MSG unsigned char mm[8]; // the encryption table
frame type contains a transaction sequence number, a unsigned char mic_ch;
496
497
unsigned char sit_1, sit_2; unsigned char step_mic;
unsigned char mic; sit_1 = (info[0]>>4) & 0x0f;
sit_2 = (info[0] & 0x0f) + 16;
The security material “en” is a table that contains 32 bytes.
It is divided into two groups. The encryption table “mm” is 8 step_mic = info[1];
bytes in length and is created dynamically. The sit_1 is a mic = 0;
sequence number the first group. The sit_2 is a sequence for (int i = 0; i< 8; i++)
number of the second group. The variable “mic_ch” is a initial {
value of computing MIC. The mic is a value of MSG data mm[i] = en[(sit_1 + i) %32]^ en[(sit_2 + i) %32];
message integrity code. }
mic_ch =0x5a;
2) Encryption algorithm for (i=0; i< *len -2 ; i++)
Encryption algorithm is described at follow: {
void Encrypt(unsigned char * info, int *len) mic +=info[i+2] ^ en[(sit_1+i)%32];
{ info[i] = info[i+2] ^ mm[i%8];
// info: MSG data; mic_ch = mic_ch ^ info[i];
// len : the length of MSG data mm[i%8] = mm[i%8] ^ en[(sit_1 +8+ i) %32]
sit_1 = 0; sit_2 = 0; ^ mic_ch;
while( sit_1+sit_2 == 0) }
{ if (mic != step_mic) return false;
sit_1 = rand() % 16; //randomly generating number. *len -= 2;
sit_2 = rand() % 16; //randomly generating number. info[*len] = 0;
} return true;
sit_2 +=16; }
for (int i = 0; i< 8; i++) If Decrypt( ) returns true, the receiver correctly receives the
{ // to produce the encryption table MSG data packet, otherwise, the MSG data packet is destroyed.
mm[i] = en[(sit_1+ i) %32] ^ en[(sit_2 + i) %32];
} IV. CONCLUSIONS
mic_ch = 0x5a; In this paper, we have provided a survey of security
unsigned char info_m[ MAXLENGTH]; services provided in the ZigBee wireless sensor networks.
for (i=0; i < *len; i++) ZigBee security, which is based on a 128-bit AES algorithm,
adds to the security model provided by IEEE 802.15.4.
{
ZigBee’s security services include methods for key
mic_ch = mic_ch ^ info[i];
establishment and transport, device management, and frame
info_m[i] = info[i] ^ mm[i%8]; protection. The ZigBee specification defines security for the
mm[i%8] = mm[i%8] ^ en[(sit_1 +8+ i) %32] MAC, NWK and APS layers. Security for applications is
^ mic_ch; typically provided through Application Profiles. This paper
mic +=info_m[i] ^ en[(sit_1+i)%32] ; provided a simple security mode in APS layer to protect the
} data packets of the MSG type.
info[0] = (sit_1<<4) + sit_2 - 16; // the key bit sequence
info[1] = mic; // the MIC REFERENCES
for (i=0; i < *len; i++)
[1] ZigBee Alliance Document 053474r17. “ZigBee Specification”, January,
{ 2008.
info[i+2] = info_m[i]; [2] X. L. Ren, H. B. Yu. “Study on Security of ZigBee Wireless Sensor
} Network”, Chinese Journal of Scientific Instrument (in Chinese), Vol 28,
*len += 2; No 12 , December 2007, pp 2132-2137.
} [3] ZigBee Alliance Document 053473r00. “ZigBee Specification v1.0”,
3) Decryption algorithm December, 2004.
[4] IEEE 802.15.4, “Wireless Medium Access Control (MAC) and Physical
Decryption alogrithm is described as follow: Layer (PHY) Specifications for Low-Rate Wireless Personal Area
Networks (LR-WPANs),” May 2003.
bool Decrypt(unsigned char * info, int *len)
{
497
498