User's Manual
USER MANUAL
PTM 215ZE – 2.4 GHz IEEE 802.15.4 Pushbutton Transmitter Module
© 2022 EnOcean | www.enocean.com F-710-017, V1.0 PTM 215ZE User Manual | v1.0 | March 2022 | Page 17/43
4.1 Authentication Implementation
PTM 215ZE implements telegram authentication according to the ZigBee Green Power spec-
ification. It uses AES128 in CCM (Counter with CBC-MAC) mode as described in IETF
RFC3610. At the time of writing, the RFC3610 standard could be found here:
https://www.ietf.org/rfc/rfc3610.txt
The 13 Byte CCM Nonce (number used once – unique) initialization value is constructed as
concatenation of 4 byte Device ID, 4 byte Device ID again, 4 byte Sequence Counter and 1
status byte of value 0x05.
Note that both Device ID and Sequence Counter use little endian format (least significant
byte first).
Figure 8 below shows the structure of the AES128 Nonce.
Figure 8 – AES128 Nonce structure
The AES128 Nonce and the 128 bit device-unique security key are then used to calculate a
32 bit signature of the authenticated telegram payload shown in Figure 9 below.
Figure 9 – Authenticated payload
The calculated 32 bit signature is then appended to the data telegram payload as shown in
chapter 3.3.
The security key required for the telegram authentication can be obtained in two ways:
Product DMC code
Each PTM 215ZE device contains a product label with a DMC code that identifies the Source
ID and the Private Security Key used by this device, see below.
Commissioning telegram
The security key is transmitted as part of the commissioning telegram, see chapter 5.3