ZigBee/ZigBee PRO security assessment based on compromised cryptographic keys

Radmand, Pedram; Domingo, Marc; Jaipal, Singh; Arnedo, Joan; Talevski, Alex; Petersen, Stig; Carlsen, Simon
Chapter
Thumbnail
View/Open
URI
http://hdl.handle.net/11250/2431481
Date
2011
Metadata
Show full item record
Collections
Original version
2010 International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 4-6 Nov. 2010  
Abstract
Sensor networks have many applications in monitoring and controlling of environmental properties such as sound, acceleration, vibration and temperature. Due to limited resources in computation capability, memory and energy, they are vulnerable to many kinds of attacks. The ZigBee specification [1], based on the 802.15.4 standard [2], defines a set of layers specifically suited to sensor networks. These layers support secure messaging using symmetric cryptographic. This paper presents two different ways for grabbing the cryptographic key in ZigBee: remote attack and physical attack. It also surveys and categorizes some additional attacks which can be performed on ZigBee networks: eavesdropping, spoofing, replay and DoS attacks at different layers. From this analysis, it is shown that some vulnerabilities still in the existing security schema in ZigBee technology.