Zigbee is a wireless ad hoc network protocol with low latency and power consumption with applications in IoT use cases where the network area is compact. In the previous article, we have discussed about what Zigbee is detail. We will now discuss be discussing about Application Profiles in Zigbee and Zigbee network security.
Zigbee Application Profiles
In Zigbee devices, an application profile is the collection of Zigbee End Devices (ZEDs) required for that application. For example, Zigbee has an in-built Home Automation(HA) profile which contains functionality for its applications, like lights dimming or fan speed control. In addition, each application has a unique Application ID for identification.
There are two application profiles:
Public Application Profiles: Interoperable application software developed by the ZigBee Alliance for a specific task.
Manufacturer-Specific Profiles: Private application profile developed by a company to operate a ZigBee device.
Also, as per the Zigbee standard, there are dedicated groups of functions for a particular IoT entity, such as lighting, smoke alarms, fans, air conditioning, security, etc. Therefore, each application profile selects a group of functions relevant to that particular profile.
Each dedicated group of functionality is called Clusters. A cluster ID uniquely identifies clusters within the scope of a particular profile.
Apart from Application Profiles and Clusters, each Zigbee device has around 240 endpoints, similar to ports in computer networking. It is a connection point in case there is a need to bypass the Zigbee network(coordinators or routers) and individually connect to other Zigbee devices. For example, the remote control can set endpoint 5 for controlling lights in the hall, endpoint 8 to manage the thermostat, and endpoint 9 for alarms. This way, the remote control can independently communicate with these devices even if the Zigbee network(coordinator) is down.
Zigbee uses bindings containing information about the specific application profile, cluster, and addresses for connecting two or more devices through endpoints. It is possible to store bindings within the source device (direct binding) or store them in a lookup table called Binding Cache (indirect binding).
ZigBee uses the highly secure AES encryption protocol to transfer data between nodes and end devices.
However, the security is based on certain assumptions:
- ZigBee assumes an “open trust” model. Verifying the correctness of frames does not happen between layers inside a Zigbee device.
- Random number generators are required.
- Availability of tamper-resistant hardware.
Zigbee Security Features
Network Security ensures these three parameters:
- Confidentiality – Attackers should not access the actual contents of data.
- Integrity – The attacker should not be able to modify the message’s contents without the end user knowing about it. The tampered data should be easily identifiable.
- Availability – The service should be available for authenticated and authorized users.
Zigbee uses a combination of Symmetric Cipher keys for signal encryption and key exchange between devices. Symmetric Cipher is the encryption method where the same key is used to both encrypt and decrypt the message.
Zigbee uses AES 128-bit encryption standard (CBC-MAC). As AES is a type of Symmetric Cipher, it encrypts the data and can be decrypted by any device with a secret key. This approach handles confidentiality and availability as the attacker cannot read the data as state-of-the-art AES encryption standards encrypt it.
However, integrity cannot be ensured as the attacker can perform a Man-in-the-middle attack and modify the encrypted data during transit.
To maintain data integrity from attackers, ZigBee has introduced AES-CCM, a variation of AES CBC-MAC encryption.
The sender device encrypts the data frame, generates a MIC(Message Integrity Check), and sends both to the receiver. The receiver gets the encrypted frame and generates its MIC from the encrypted data. If both MIC matches, then data integrity is ensured. Otherwise, the data frame is dropped.
ZigBee Security Mechanism
There are three types of symmetric keys (128-bit keys) used to secure Zigbee networks: Network Keys, Link Keys, and Master keys(optional)
All of them are symmetric ciphers and are used to ensure the two levels of security in Zigbee networks:
- Network Level Security – It provides the primary access control to authenticate new nodes in the network, basically determining which nodes should/shouldn’t be part of the network. Network security uses a Network Key for the encryption and decryption of data packets. All devices in the network have the same network key.
- APS Layer Security – It uses the Link keys to add another layer of encryption on the data frames to prevent attackers from decrypting the data, in case the Network key is compromised. Both APS layer and network layer encryption are used simultaneously to encrypt the contents of a message. In that case, APS layer security is applied first and then network layer security.
To summarize, Zigbee networks primarily use Network and Link Keys. The message is double encrypted using a network-wide standard network key and link keys. The way the link key is generated depends upon the security models employed by the network.
Zigbee Security Models
The Centralized Security model is complex but highly secure and involves a third logical device – the Trust center(TC). The TC logic may be present inside the coordinator or a different device.
The way the messages are secured in this model are:
- Trust Center shares the Network key and generates a unique Trust Center(TC) Link key when a new device joins the network.
- When the end device wants to send a message to the coordinator/router, it encrypts the request using the TC link key and sends it to the TC.
- The Trust Center(TC) receives the request and generates and sends a new application key to both the end device and router/coordinator.
- The end device can then encrypt the message with both the application link key and network key and send that message to the router/coordinator.
The Distributed security model is simple but less secure. The model classifies routers/coordinator as a router and understands only routers and end devices. The way messages are secured in this model are:
- Routers generate Network keys to newly joined routers and end devices.
- There is no logic to generate newer link keys at all. Only Link keys pre-configured (during manufacturing) in the nodes are used as link keys.
This article explains Profiles in Zigbee and the security in the Zigbee networks regarding how a combination of symmetric ciphers is used to secure messages. Overall, Zigbee uses a highly secure, cost- and energy-efficient security model. In the following article, we will be going into Zigbee network vulnerabilities.
Hrushikesh Vazurkar is an alumni of VNIT Nagpur, CSE Department. He is passionate about competitive programming, web development and AI.