ZigBee PRO provides two security “policies” that allow the ZC to control the level of security used in the network: Standard Security and High Security.

Security in ZigBee is designed to:

1. Prevent unauthorized devices from joining the network (Standard and High Security)
2. Prevent eavesdropping and unauthorized transmissions network-wide (Standard and High Security)
3. Provide secure communication between any two devices on the network (High Security, optional on Standard Security)
4. Allow removal of devices that are no longer authorized to be in the network (High Security)

Of course a network can also elect not to have any security at all. This is not recommended for any deployed applications because the network has no control over devices accidentally joining the network and causing problems.

Note: ZigBee 2006 “Residential Security” was updated to include optional Link Key and APS layer security and is now called “Standard Security”; “Commercial Security” is now “High Security”.

Terms and Definitions

Terms for Standard Security

• Trust Center: Device trusted within the network by other devices to distribute and update keys for network or application level security.
• Link Key: A key shared between two devices and used to secure messages at the APS layer. Note there can be a trust center link key on a device, as well as a link key between two devices in the network.
• Network Key: The key used to secure frames at the network layer

Terms for High Security

• Master Key: A shared secret used to generate link keys
• SKKE (Symmetric-Key Key Exchange): An algorithm for deriving a new link key using an existing key (shared secret). SKKE provides unilateral guarentees of randomness and freshness.
• EA (Entity Authentication): A variation of SKKE that synchronizes shared data using an existing key. EA is used here to synchronize the security state between neighboring devices.

Standard Security Policy

Standard Security provides the following high level capabilities:

• Devices are required to be authorized by the Trust Center prior to joining
• Communication in the network is encrypted with the Network Key
• APS communication between any two devices may optionally be encrypted with a Link Key
• The Trust Center can update the network key by broadcasting a new key

Joining a Standard Security Network

Devices joining a standard security network may already have a Trust Center Link Key preconfigured on the device (which is used to encrypt the Network Key upon joining) or they may receive the Network Key sent unencrypted over the network. Clearly the latter case is less secure, but it may be easier to manage during manufacturing and deployment since devices do not need to be specifically configured.

Joining the network with a preconfigured link key

Joining the network without a preconfigured network key.

High Security Policy

High Security provides the following high level capabilities:

• Devices are required to be authorized by the Trust Center prior to joining
• Communication between any two devices may be encrypted with a Link Key (application can choose on a per-message basis); Link Keys are derived using SKKE and no keys are exchanged unencrypted
• Network Key update is unicast from the Trust Center to each device, encrypted with the proper Link Key

Tradeoffs

Standard Security requires less flash, RAM, and bandwidth than High Security. It is also compatible with ZigBee 2006 Residential Security. Broadcast key updates and weaker link keys reduce the overall security of the network, and devices cannot be forcibly removed from the network.

High Security is significantly more complicated than Standard Security but affords much greater security because any or all messages may be encrypted with link keys derived using SKKE (SKKE provides unilateral guarentees of randomness and freshness). Further, it allows devices to be forcibly removed from the network by excluding them from a network key update.