ZigBee Security Toolbox
The ZigBee Alliance is developing a very low-cost, very low-power, two-way wireless communications standard. Solutions adopting the ZigBee standard will be embedded in consumer electronics, home and building automation, industrial controls, PC peripherals, medical sensor applications, toys and games. Many of these applications have security needs. The ZigBee Alliance is developing the protocols required for a wireless ad hoc network in order to make it as secure as possible for the average consumer. Security services provided for ZigBee include methods for key establishment, key transport, frame protection, and device management. These services form the building blocks for implementing security policies within a ZigBee device.
Background & Objective: MERL has participated in the ZigBee Alliance and contributed to its work on key exchange protocols and secure routing techniques. Presently, we are working on secure installation of a ZigBee network in both home and commercial environments. Another concern with this type of network is denial of service. If and when ZigBee networks become more widespread, an attack on those networks becomes more probable. One popular form of attack is making the network unusable to the user by flooding it with packets or interfering with the radio traffic.
Technical Discussion: Network security for any type of network becomes necessary as that network becomes more widespread. Security for networks involves a family of protocols that prevent eavesdropping by use of encryption, spoofing by use of authentication, and replay attacks by use of a nonce. Other areas of security involve key distribution and exchange protocols. Keys are required for encryption and decryption of messages. Key distribution centers (a.k.a. trust centers) must be maintained within a network. Recovery protocols must allow nodes that drop out due to loss of power or some other malady to regain access to the network quickly and seamlessly.
Technology Area: Digital Communications
Modification Date: July 14, 2005
