SN2X-PRIMER STMicroelectronics, SN2X-PRIMER Datasheet - Page 13

SN2X-PRIMER

Manufacturer Part Number

SN2X-PRIMER

Description

Manufacturer

STMicroelectronics

Datasheet

1.SN2X-PRIMER.pdf (17 pages)

Specifications of SN2X-PRIMER

Lead Free Status / RoHS Status

Supplier Unconfirmed

Current page: 13 of 17
Download datasheet (433Kb)

UM0450

2.7.1

2.7.2

Note:

2.7.3

ZigBee security levels

For increased network security, three standard levels of security are defined in the 2007

ZigBee specifications:

●

The Network Layer security, provided with the Residential security service, uses a network-

wide key for encryption and decryption. All devices authorized by the Trust Center

(Coordinator) to join the network will receive a copy of the key, after joining, and will use it to

encrypt and decrypt all transmissions.

The message to the joining device is encrypted using a preloaded Link Key for that joining

device (known to both the Trust Center and the joining device) using APS Layer security.

The Application Layer Security provided with the Standard security service uses a peer-to-

peer Link Key. Both devices must have already established this key with one another prior to

sending APS Secured data. The Link Key is established with the Coordinator (Trust Center)

after the device joins the network.

The SN2X-PRIMER evaluation tool uses the Standard security service to demonstrate the

security features.

Typical network joining procedure

The typical network joining procedure in a ZigBee network with the Standard security level

executes the following steps:

In our case, both the parent and the Trust Center are the same device (Coordinator).

Security scenarios

The SN2X-PRIMER evaluation kit implements the following three security scenarios:

Preconfigured link key

In this scenario, both Coordinator and Router devices have the same preconfigured Link

Key known as “Key 1”.

The Residential security service included in the ZigBee 2006 specification provides

Network Layer security using a Network Key.

The Standard security service included in the 2007 ZigBee Pro specification provides

Residential security with a set of optional enhancements which include APS Layer

security using Link Keys.

The High security service included the 2007 ZigBee Pro specification provides the

Standard security with the use of Entity Authentication, Permissions Table, and deriving

Link Keys between devices.

The joiner device sends a MAC Association Request to the parent device.

The Parent device answers with a MAC Association Response.

The joiner device is joined using the PAN but is still unauthenticated.

The Trust Center starts the authentication procedure.

The Trust Center sends the Network Key to the joiner device.

The Trust Center completes the procedure and authenticates the joiner device.

Preconfigured Link Key

Different Link Key

No preconfigured Link Key

Getting started

13/17