XK-Z11-M Digi International, XK-Z11-M Datasheet - Page 71

XK-Z11-M

Manufacturer Part Number

XK-Z11-M

Description

ZIGBEE MODULE DEVELOPMENT KIT

Manufacturer

Digi International

Series

XBee™r

Type

Transceiver, 802.15.4/ZigBeer

Datasheets

1.XK-Z11-M.pdf (155 pages)

2.XK-Z11-M.pdf (1 pages)

3.XK-Z11-M.pdf (1 pages)

4.XK-Z11-M.pdf (9 pages)

5.XK-Z11-M.pdf (1 pages)

Specifications of XK-Z11-M

Frequency

2.4GHz

For Use With/related Products

XBee Modules

Lead Free Status / RoHS Status

Lead free / RoHS Compliant

Other names

602-1184

Current page: 71 of 155
Download datasheet (4Mb)

5. Security

ZigBee supports various levels of security that can be configured depending on the needs of the application. Security

provisions include:

The first half of this chapter describes various security features defined in the ZigBee-PRO specification, while the last

half illustrates how the XBee and XBee-PRO modules can be configured to support these features

Security Modes

ZigBee Security Model

•128-bit AES encryption

•Two security keys that can be preconfigured or obtained during joining

•Support for a trust center

•Provisions to ensure message integrity, confidentiality, and authentication.

The ZigBee standard supports three security modes – residential, standard, and high security. Residential security

was first supported in the ZigBee 2006 standard. This level of security requires a network key be shared among

devices. Standard security adds a number of optional security enhancements over residential security, including an

APS layer link key. High security adds entity authentication, and a number of other features not widely supported.

XBee ZB modules primarily support standard security, although end devices that support residential security can join

and interoperate with standard security devices. The remainder of this chapter focuses on material that is relevant

to standard security.

ZigBee security is applied to the Network and APS layers. Packets are encrypted with 128-bit AES encryption. A

network key and optional link key can be used to encrypt data. Only devices with the same keys are able to

communicate together in a network. Routers and end devices that will communicate on a secure network must

obtain the correct security keys.

Network Layer Security

The network key is used to encrypt the APS layer and application data. In addition to encrypting application

messages, network security is also applied to route request and reply messages, APS commands, and ZDO

commands. Network encryption is not applied to MAC layer transmissions such as beacon transmissions, etc. If

security is enabled in a network, all data packets will be encrypted with the network key.

Packets are encrypted and authenticated using 128-bit AES. This is shown in the figure below.

XK-Z11-M Digi International, XK-Z11-M Datasheet - Page 71

XK-Z11-M

Specifications of XK-Z11-M

Related parts for XK-Z11-M