User's Manual
USER MANUAL
PTM 215ZE – 2.4 GHz IEEE 802.15.4 Pushbutton Transmitter Module
© 2022 EnOcean | www.enocean.com F-710-017, V1.0 PTM 215ZE User Manual | v1.0 | March 2022 | Page 16/43
4 Telegram Authentication
PTM 215ZE implements telegram authentication for data telegrams to ensure that only tele-
grams from senders using a previously exchanged security key will be accepted. Authenti-
cation relies on a 32 bit telegram signature which is calculated as shown in Figure 7 below
and exchanged as part of the radio telegram.
Figure 7 – Telegram authentication flow
Sequence counter, source address and the remaining telegram data together form the in-
put data for the signature algorithm. This algorithm uses AES128 encryption based on the
device-unique random security key to generate a 32 bit signature which will be transmitted
as part of the radio telegram.
The signature is therefore dependent both on the current value of the sequence counter,
the device source address and the telegram payload. Changing any of these three parame-
ters will therefore result in a different signature.
The receiver performs the same signature calculation based on sequence counter, source
address and the remaining telegram data of the received telegram using the security key it
received from PTM 215ZE during commissioning.
The receiver then compares the signature reported as part of the telegram with the signa-
ture it has calculated. If these two signatures match then the following statements are
true:
Sender (PTM 215ZE) and receiver use the same security key
The message content (address, sequence counter, data) has not been modified
In order to avoid message replay (capture and retransmission of a valid message), it is re-
quired that the receiver tracks the value of the sequence counter used by PTM 215ZE and
only accepts messages with higher sequence counter values (i.e. not accepts equal or lower
sequence counter values for subsequent telegrams).