SENA ProBee-ZE20S-SEME User Manual


ProBee-ZE20S-SExx User Guide Rev 1.8


successful completion of the CBKE protocol the following security services are offered:

Both devices share a secret link key

Implicit Key Authentication: Both devices know with whom they share this link key

Key Confirmation: Each device knows that the other device actually has computed the key correctly

No Unilateral Key Control: No device has complete control over the shared link key that is established

Perfect Forward Secrecy: If the private key gets compromised, none of the future and past communications are exposed

Known Key Security resilience: Each shared link key created per session is unique

3.1.3 Link Key

The trust center (normally the coordinator in the network) requests the link key before a device tries to join the network. If the link key the device has is wrong, the joining process will be denied. Hence, all nodes in the network should have a valid link key set up before joining the network. Before joining the network, the link key is generated from the CBKE Data Token and the Install Code. The CBKE Data Token consists of ‘Device Implicit Cert’, ‘CA Public Key’, and ‘Device Private Key’. The CBKE Data Token and Install Code are configured using the AT commands below.

AT+IMPLICIT=xxx…xxx or AT+IC=xxx…xxx, where xxx…xxx is 48-byte hexadecimal CBKE Data Token (Device Implicit Cert).

AT+PUBLICKEY=xxx…xxx or AT+PK=xxx…xxx, where xxx…xxx is 43-byte hexadecimal CBKE Data Token (CA Public Key & Device Private Key).

AT+INSTALLCODE=xxx…xxx or AT+IC=xxx…xxx, where xxx…xxx is 6/8/12/16-byte hexadecimal Install Code.

3.1.4 Network Key

It is the network-wide key used to secure transmissions at the Network Layer. The network key encrypts all transmissions at the Network Layer. The network key only needs to be set up for the coordinator.

AT+NWKKEY=xxx…xxx or AT+NK=xxx…xxx, where xxx…xxx is 128-bit hexadecimal network key. Default is FFF…FF.
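An added example, not from the SENA manual: a pre-flight check that a provisioning script could run before writing link-key or network-key material to the module, using the byte lengths stated in sections 3.1.3 and 3.1.4. The function names, the upper-case hex output, and the policy of refusing a network key made of one repeated byte (which covers the documented default) are assumptions of this example.

```python
import secrets

# Accepted payload sizes in bytes, as stated in the manual text above.
SIZES = {
    "AT+IMPLICIT": {48},               # CBKE Data Token: Device Implicit Cert
    "AT+PUBLICKEY": {43},              # CBKE Data Token: CA Public Key & Device Private Key
    "AT+INSTALLCODE": {6, 8, 12, 16},  # Install Code
    "AT+NWKKEY": {16},                 # 128-bit network key
}


def is_weak_network_key(raw):
    """Assumed policy: a key made of one repeated byte (all FF, all 00) is not a secret."""
    return len(set(raw)) == 1


def new_network_key():
    """Return a fresh 128-bit key as hex, drawn from the OS CSPRNG."""
    return secrets.token_hex(16)


def build_command(name, hex_value):
    """Validate hex_value for the named command and return the AT command line."""
    if name not in SIZES:
        raise ValueError(f"{name}: not a key-provisioning command")
    try:
        raw = bytes.fromhex(hex_value.strip())
    except ValueError:
        raise ValueError(f"{name}: value is not valid hexadecimal") from None
    if len(raw) not in SIZES[name]:
        allowed = "/".join(str(n) for n in sorted(SIZES[name]))
        raise ValueError(f"{name}: got {len(raw)} bytes, expected {allowed}")
    if name == "AT+NWKKEY" and is_weak_network_key(raw):
        raise ValueError("AT+NWKKEY: repeated-byte key (such as the default) refused")
    # Upper-case hex output is an assumption of this example.
    return f"{name}={raw.hex().upper()}"


def redact(command):
    """Return a log-safe form of a command so key material never reaches log files."""
    name, _, value = command.partition("=")
    return f"{name}=<{len(value) // 2} bytes redacted>"


if __name__ == "__main__":
    cmd = build_command("AT+NWKKEY", new_network_key())
    print(redact(cmd))  # send cmd to the module; log only the redacted form
```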

3.1.5 Update Key

A trust center can update the Network Key to help minimize the risk associated with a particular instance of the network key being compromised. Key updates are broadcast by the trust center throughout the network, encrypted using the current network key. Devices that hear the broadcast will not immediately
