Specifications
XBee®/XBee-PRO® SE RF Modules
© 2009 Digi International, Inc. 62
Frame Counter
The network header of encrypted packets includes a 32-bit frame counter. Each device in the
network maintains a 32-bit frame counter that is incremented for every transmission. In addition,
each device tracks the last known 32-bit frame counter for each of its neighbors. If a device
receives a packet from a neighbor with a smaller frame counter than it has previously seen, the
packet is discarded. The frame counter is used to protect against replay attacks.
If the frame counter reaches a maximum value of 0xFFFFFFFF, it does not wrap to 0 and no more
transmissions can be sent. Due to the size of the frame counters, reaching the maximum value is
a very unlikely event for most applications. The following table shows the time required, under
different conditions, for the frame counter to reach its maximum value.
To clear the frame counters without compromising security, the network key can be changed in the
network. When the network key is updated, the frame counters on all devices reset to 0. (See the
Network Key Updates section for details.)
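The counter rules above, modeled as an added example (not Digi's code; the class and function names are hypothetical). It assumes the header carries the counter value before the increment, that a counter equal to the last one accepted is also rejected, and that tracked neighbor counters are cleared on a key update.

```python
MAX_COUNTER = 0xFFFFFFFF  # 32-bit counter; per the page it never wraps to 0


class CounterExhausted(Exception):
    """Outgoing counter reached MAX_COUNTER; no more transmissions."""


class FrameCounters:
    """Frame counter state for one device (hypothetical model, not a Digi API)."""

    def __init__(self):
        self.tx = 0          # this device's outgoing frame counter
        self.last_seen = {}  # neighbor address -> last counter accepted

    def next_tx(self):
        """Return the counter for the next outgoing packet, then increment."""
        if self.tx >= MAX_COUNTER:
            raise CounterExhausted("update the network key to reset counters")
        value = self.tx  # assumption: header carries the pre-increment value
        self.tx += 1
        return value

    def accept(self, neighbor, counter):
        """True if the packet is fresh, False if it must be discarded.

        Call only after the MIC has verified, so an unauthenticated packet
        cannot advance the stored counter and lock out the real neighbor.
        """
        last = self.last_seen.get(neighbor)
        # Assumption: an equal counter is rejected too, so an exact replay of
        # the most recent packet fails (the page only says "smaller").
        if last is not None and counter <= last:
            return False
        self.last_seen[neighbor] = counter
        return True

    def on_network_key_update(self):
        """New network key: frame counters reset to 0, per the page."""
        self.tx = 0
        self.last_seen.clear()  # assumption: neighbor tracking resets too


def years_until_exhausted(packets_per_second):
    """Years for a counter starting at 0 to reach MAX_COUNTER."""
    return MAX_COUNTER / packets_per_second / (365.25 * 24 * 3600)
```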
Message Integrity Code
The network header, APS header, and application data are all authenticated with 128-bit AES. A
hash is performed on these fields and is appended as a 4-byte message integrity code (MIC) to the
end of the packet. The MIC allows receiving devices to ensure the message has not been changed.
The MIC provides message integrity in the ZigBee security model. If a device receives a packet
and the MIC does not match the device’s own hash of the data, the packet is dropped.
Network Layer Encryption and Decryption
Packets with network layer encryption are encrypted and decrypted by each hop in a route. When
a device receives a packet with network encryption, it decrypts and authenticates the packet. If
the device is not the destination, it then encrypts and authenticates the packet again, using its
own frame counter and source address in the network header section.
Average Transmission Rate    Time until 32-bit frame counter expires
1 / second                   136 years
10 / second                  13.6 years