Atmel AT02597: ZigBee PRO Packet Analysis with Sniffer [APPLICATION NOTE]
32210A−WIRELESS−09/2013
The first part of the Touchlink process is the scanning done on the channel set (primary and, if required, secondary) to
search for devices in the vicinity.
To monitor activity on multiple channels at the same time, the sniffing tool must be capable of multi-channel capture,
and the number of hardware sniffing tools used shall equal the number of channels to be monitored.
The log, ZLL_CL_CSR.wrk, was captured using a Perytons M-series Network Analyzer.
It is also possible to use the BitCatcher and Wireshark interface, start capture on the first primary channel (0x0B), and
identify the logicalChannel selected from the network start response frame payload.
5.2.2 Cluster Commands
The command and response frame transfer is as explained in Section 5.1.3.
5.2.3 Security
A ZLL network uses network layer security. The security level for cluster data exchange can be defined in the cluster
definition file.
A non-ZLL device, when being commissioned into the ZLL network, gets the network key securely using a pre-installed
link key. The ZLL pre-installed link key is a secret shared by all certified ZLL devices and will be distributed only to
certified manufacturers.
For development and testing purposes, the ZLL specification allows use of the keys in Table 5-4. These values can be
found in file N_Security_Calc.c in directory \zllplatform\zll\n_security\src in the BitCloud for ZLL SDK package.
Table 5-4. Security Keys.
Key                                    Value
Certification Network Key              ZLL_SECURITY_KEY "\xC0\xC1\xC2\xC3\xC4\xC5\xC6\xC7\xC8\xC9\xCA\xCB\xCC\xCD\xCE\xCF"
Certification pre-installed Link key   ZLL_PREINSTALLED_LINK_KEY "\xD0\xD1\xD2\xD3\xD4\xD5\xD6\xD7\xD8\xD9\xDA\xDB\xDC\xDD\xDE\xDF"
5.3 ZigBee Smart Energy
ZigBee Smart Energy networks employ similar data exchange mechanisms using clusters and commands as described
in Section 5.1.
Smart Energy Profile Security is different from the standard network security with link keys employed in
Home Automation networks.
Smart Energy security requires the use of the Key Establishment cluster to generate a link key for secure data
exchange between two devices in a SE network.
The sniffer log, SE_Key_estb.dcf, shows the packet exchange during the key establishment process which is called the
Certificate Based Key Establishment (CBKE) process.
#17 shows that the device with short address 0x4810 has joined the network and authenticated to the Trust Center
0x0000 successfully using a pre-configured Trust Center Link key.
After service discovery for the KE cluster, #36 shows the transfer of the Initiate Key Establishment frame from 0x4810 to
0x0000 and the response frame from the Trust Center. These frames contain the following items:
• Timing information of generation of the remaining KE packets. This is configurable as the cryptographic
computation time may vary with devices
• Identity field containing the test Certificate of the device
Packets #55 and #64 show exchange of Ephemeral data which contains a randomly generated public key.
#73 and #83 show exchange of the Confirm Key request and response frames. These messages contain the
derived/generated link key which will be used for further communication between the two devices.
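The following added example (not code from this application note or from the BitCloud SDK) decodes an Initiate Key Establishment payload and checks that a captured CBKE run is complete and in order. The field layout and command IDs are assumptions taken from the ZCL Key Establishment cluster definition for the CBKE-ECMQV suite, and the sample bytes are constructed.

```python
import struct

# Layout assumed from the ZCL Key Establishment cluster (CBKE-ECMQV suite),
# not from this note: suite(2, LE) | eph. time(1) | confirm time(1) | cert(48)
INITIATE_LEN = 2 + 1 + 1 + 48
# Assumed command IDs; a request and its response share the same ID.
CMD_NAMES = {0x00: "Initiate", 0x01: "Ephemeral Data", 0x02: "Confirm Key",
             0x03: "Terminate"}

def parse_initiate(payload: bytes) -> dict:
    """Decode an Initiate Key Establishment request or response payload."""
    if len(payload) != INITIATE_LEN:
        raise ValueError(f"expected {INITIATE_LEN} bytes, got {len(payload)}")
    suite, eph_time, conf_time = struct.unpack_from("<HBB", payload)
    cert = payload[4:]
    # Implicit certificate: reconstruction key(22) | subject(8) | issuer(8) | attrs(10)
    return {"suite": suite,
            "ephemeral_generate_time": eph_time,
            "confirm_generate_time": conf_time,
            "subject": cert[22:30].hex(),
            "issuer": cert[30:38].hex()}

def check_handshake(frames):
    """frames: list of (src_short_addr, command_id) in capture order.
    Returns a list of findings; empty means a complete, ordered CBKE run."""
    findings, expected = [], [0x00, 0x00, 0x01, 0x01, 0x02, 0x02]
    seen = [cmd for _, cmd in frames]
    if 0x03 in seen:
        findings.append("Terminate Key Establishment seen: CBKE aborted")
    if [c for c in seen if c != 0x03] != expected:
        findings.append("unexpected order or missing frame: "
                        + ", ".join(CMD_NAMES.get(c, hex(c)) for c in seen))
    srcs = [s for s, _ in frames]
    # Requests must all come from the initiator, responses from its peer.
    if not findings and (len(set(srcs[0::2])) != 1 or len(set(srcs[1::2])) != 1
                         or srcs[0] == srcs[1]):
        findings.append("request/response sources do not alternate")
    return findings

# Constructed sample: joiner 0x4810 and Trust Center 0x0000, as in the log.
SAMPLE_CERT = (bytes(22) + bytes.fromhex("0011223344556677")
               + bytes.fromhex("8899aabbccddeeff") + bytes(10))
SAMPLE_INITIATE = struct.pack("<HBB", 0x0001, 3, 16) + SAMPLE_CERT
SAMPLE_FRAMES = [(0x4810, 0), (0x0000, 0), (0x4810, 1), (0x0000, 1),
                 (0x4810, 2), (0x0000, 2)]
```

A non-empty result from check_handshake on a capture points to a stalled or aborted key establishment, which is the first thing to rule out when an SE device joins but never exchanges application data.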