Z-Wave Security Fundamentals
Advertisement
Z-Wave is a wireless communication protocol widely used in home automation, particularly for security applications like smart locks, sensors, and alarm systems. To address the inherent security concerns of wireless communications, Z-Wave incorporates a Security Layer that provides robust encryption and decryption mechanisms. This page covers the fundamentals of Z-Wave security as implemented in Z-Wave networks.
Key features of Z-wave security
The following features are key to Z-Wave’s security implementation:
- Message Freshness: Uses a 64-bit Nonce (number used once).
- 128-bit Random Network Key: Represented as . This is crucial for securing communication within the network.
- Encryption: Employs the Advanced Encryption Standard (AES) in Output Feedback (OFB) mode (AES-OFB).
- Data Authentication: Utilizes AES in Cipher Block Chaining Message Authentication Code (CBC-MAC) mode (AES-CBCMAC).
- 128-bit Cipher and MAC Keys: These are derived from the network key, .
- Custom Key Establishment Protocol: Described in more detail below.
Z-Wave data origin authentication relies on the Cipher Block Chaining Message Authentication Code (CBC-MAC) technique. This method calculates a Message Authentication Code (MAC) from a block cipher algorithm, such as AES.
The figure above illustrates the key exchange protocol used in Z-Wave security.
Conclusion
Z-Wave’s security framework, including its Security Layer and the adoption of advanced encryption standards, provides a solid foundation for secure wireless communication in smart home environments.
Advertisement