Reverse Engineering Asked by Cybergibbons on September 30, 2021
I am working with a Zigbee system and I have been trying to grab the network key as it is exchanged during pairing. I wasn’t having much luck with the combination of TI Packet Sniffer, Wireshark and Killerbee – it kept on failing. This combination has worked for me in the past.
I installed a trial version of Perytons-M4 and captured a pairing using my CC2531 USB stick. To my surprise, this recovered the key automatically and started decrypting the rest of the data.
However, in the APS_CMD_KEY_TRANSPORT message sent to exchange the key, Perytons is showing that the APS layer data is in fact encrypted already, using a key that I have not seen before (4BAB0F173E1434A2D572E1C1EF478782)
The key for many Zigbee devices is “ZigBeeAlliance09”, which is the case here for some communications, but this is not the key being used for key exchange.
Once the capture is complete, the Perytons “Keys Management” window shows the “ZigBeeAlliance09” key along with the one sent in the APS_CMD_KEY_TRANSPORT, but not the one used to decrypt the APS data.
The device is a Yale PIR camera (manufacturer's product page). I have been unable to identify the physical Zigbee modules used, but they look like and . Unfortunately I can't work out a way of getting data out of Perytons in a way that is easy to read by others.
I’ve had a google, had a look in the Zigbee specs and had a look in the Perytons documentation, but can’t find anything. Any ideas?
The key used is simply a hash of ZigBeeAlliance09. You see it in your picture pretty clearly.
ZigBee uses the default key as the basis for different hash permutations of "ZigBeeAlliance09". Look it up in the ZigBee specification.
Answered by TobiASZ on September 30, 2021
What is the profile being used?
Home Automation (which is the one used by most devices) uses 'ZigBeeAlliance09' trust center link key to encrypt a random network key in the APS_CMD_KEY_TRANSPORT message. Joining devices decrypt the random network key in the APS_CMD_KEY_TRANSPORT message and then use the network key to encrypt/decrypt further network layer payloads. Most commercial sniffers will see the APS_CMD_KEY_TRANSPORT message and decrypt the network key. There is typically no further encryption at the APS layer for Home Automation.
Light Link Profile (such as Philips Hue) uses the same security mechanism as HA but does not use the publicly available 'ZigBeeAlliance09' trust center link key; it uses a secret key only given to manufacturers that have devices which have passed the Light Link Profile certification process.
Smart Energy profile uses the same network layer security mechanism as HA, but has further APS layer security which uses a key transferred with Certicom certificates, which are very secure (as it is typically utility companies using this for metering, and they do not want the meter reading tampered with).
Regards, TC.
Answered by t.c. on September 30, 2021