This article is about a known issue in ZigBee implementations: the use of default link keys in products that can be bought off the shelf. As society becomes more technologically inclined, home automation is one of the big names we often hear at Tech Expo. Most of these home automation products use the ZigBee specification. However, there are security concerns that should be addressed when implementing ZigBee. In this article, I focus on the use of default link keys in device association and on how such an implementation impacts network confidentiality. My research also includes a lab setup, which is described in this article.
What is ZigBee?
ZigBee is a wireless specification which is primarily used in smart home devices. Being low powered and cheap to implement, it is favoured by manufacturers as one of the standards for wireless communication between smart devices. It is maintained by the ZigBee Alliance, which also provides guidelines on developing such products and ensures interoperability between brands, thereby promoting a diversified smart device ecosystem.
The Default Link Key
In ZigBee, the default link key is the key used to encrypt the network key during the association of a device with a network, and this key can be found on the internet. The network key is subsequently used to encrypt future transmissions of commands and/or informational updates. Though products can ship with manufacturer-specific link keys, the need for device compatibility compels manufacturers to support the default link key in a ZigBee certified product. Because the default link key is used to encrypt the network key, anyone who knows the default link key and observes an association gets a moment of insecurity within the network: to such an observer, the network key is effectively visible in plaintext during transmission.
Key Sniffing Example
An example of an off-the-shelf device that uses the default link key is the XiaoMi Aqara smart device suite. The products used in my lab setup are the XiaoMi Aqara Hub, the XiaoMi Aqara Light Bulb and the XiaoMi Aqara Wireless Mini Switch, all of which can be bought from online stores. In my setup, the Aqara Hub is the ZigBee coordinator, and the remaining devices are ZigBee end devices.
The Sniffing Setup
To obtain the network key, a sniffing setup must be used. In my setup, I used a Texas Instruments CC2531 USB device flashed with the ZBOSS sniffer firmware. A tutorial on flashing the sniffer firmware is linked at the end of this post.
Once the sniffer firmware is flashed onto the device, I launched ZBOSS sniffing by pressing Start. I also ensured that the full path to Wireshark was entered correctly and that my sniffing device was detected by the application.
Once Wireshark is launched, I add the default link key by going to Edit -> Preferences -> Protocols -> ZigBee. I also ensure that the “Security Level” is set to “AES-128 Encryption, 32-bit Integrity Protection”. Clicking Edit next to the key table, I press the + sign, leave the other settings at their defaults, and enter the default link key “5A:69:67:42:65:65:41:6C:6C:69:61:6E:63:65:30:39” in the text field. After clicking OK twice and returning to the main Wireshark screen, I am ready to sniff ZigBee packets, hoping to catch a key exchange protected by the default link key.
I then proceed to pair a device with the Aqara Hub. For my lab setup, I used the Light Bulb. The following screenshot shows an association request, with the source address being the MAC address of the ZigBee device.
Right after the association, a PAN ID is issued to the light bulb, followed by the network key.
As shown in the screen capture, once the keyword “Transport Key” appeared, I knew I had hit the jackpot! This packet carries the network key used by the ZigBee network of the Aqara Hub. Selecting that packet shows the network key under ZigBee Application Support Layer -> Command Frame: Transport Key -> Key.
Once the key is obtained, I can use it to decrypt further captured packets in the ZigBee network, fully compromising the confidentiality of the network.
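The decryption step just described, as an added example in Go using only the standard library (this is not code from the article or from any of the tools mentioned): `Open` performs the AES-CCM* verify-and-decrypt that Wireshark applies to every secured frame once it holds the key, where the nonce is the sender's extended address, frame counter and security control byte, and the header is the NWK or APS header plus the auxiliary security header. The function names are mine and the frame and network key in `SampleNwkFrame` are constructed placeholders; for the Transport Key command itself Wireshark runs the same algorithm under the key-transport key it derives from the link key, a derivation not shown here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"errors"
)

var DefaultLinkKey = []byte("ZigBeeAlliance09") // 5A:69:67:42:65:65:41:6C:6C:69:61:6E:63:65:30:39, the key added to Wireshark
const micLen = 4 // security level 5: AES-128 encryption, 32-bit integrity (ENC-MIC-32)
// ctrXor applies the CCM* keystream from counter block A_i = 0x01 || nonce || i: i=1 for the payload, i=0 gives S_0.
func ctrXor(block cipher.Block, nonce, in []byte, i byte) []byte {
	out := make([]byte, len(in))
	cipher.NewCTR(block, append(append([]byte{0x01}, nonce...), 0, i)).XORKeyStream(out, in)
	return out
}
// cbcMic is the CCM* CBC-MAC over B0 || length-prefixed header || plaintext, truncated to micLen and masked with S_0.
func cbcMic(block cipher.Block, nonce, header, plain []byte) []byte {
	pad := func(b []byte) []byte { p := make([]byte, (len(b)+15)/16*16); copy(p, b); return p }
	// B0 = flags || nonce || len(plain); flags = Adata (0x40) | M'=(M-2)/2 << 3 | L'=L-1 with L=2
	b0 := append(append([]byte{0x40 | (micLen-2)/2<<3 | 0x01}, nonce...), byte(len(plain)>>8), byte(len(plain)))
	blocks := append(b0, pad(append([]byte{byte(len(header) >> 8), byte(len(header))}, header...))...)
	blocks = append(blocks, pad(plain)...)
	cbc := make([]byte, len(blocks))
	cipher.NewCBCEncrypter(block, make([]byte, 16)).CryptBlocks(cbc, blocks)
	return ctrXor(block, nonce, cbc[len(cbc)-16:len(cbc)-16+micLen], 0) // wire MIC U = T xor S_0
}
// Open is the sniffer's step: verify the MIC and decrypt a secured payload (ciphertext || MIC) under key.
func Open(key, nonce, header, sealed []byte) ([]byte, error) {
	if len(key) != 16 || len(nonce) != 13 || len(header) == 0 || len(header) >= 0xff00 || len(sealed) < micLen {
		return nil, errors.New("bad key, nonce, header or frame length")
	}
	block, _ := aes.NewCipher(key) // cannot fail: key length checked above
	pt := ctrXor(block, nonce, sealed[:len(sealed)-micLen], 1)
	if subtle.ConstantTimeCompare(sealed[len(sealed)-micLen:], cbcMic(block, nonce, header, pt)) != 1 {
		return nil, errors.New("MIC mismatch: wrong key or tampered frame")
	}
	return pt, nil
}

// SampleNwkFrame builds a constructed NWK-secured frame under a placeholder network key, standing in for a capture.
func SampleNwkFrame() (netKey, nonce, header, sealed []byte) {
	netKey = []byte("PlaceholderNwkKy") // 16 bytes; stands in for the key read from the Transport Key packet
	block, _ := aes.NewCipher(netKey)
	nonce = []byte{0x00, 0x15, 0x8d, 0x00, 0x01, 0x02, 0x03, 0x04, 0x07, 0x00, 0x00, 0x00, 0x2d} // constructed
	header = []byte{0x48, 0x02, 0xff, 0xff, 0x00, 0x00, 0x1e, 0xc2, 0x28, 0x07, 0x00, 0x00, 0x00} // constructed
	plain := []byte("constructed APS payload: on/off command")
	return netKey, nonce, header, append(ctrXor(block, nonce, plain, 1), cbcMic(block, nonce, header, plain)...)
}
```

The MIC check is what makes a wrong key fail loudly rather than yield garbage: a frame decrypts only under the key it was sealed with, which is exactly why a public default link key buys no confidentiality.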
“Security comes at a price.” That price is either an increase in the end-user cost of the product or the risk of being compromised by malicious actors. While this is a choice between the lesser of two evils, it is still important to analyze and understand the trade-offs between security, cost and usability. The default link key should not be used as the primary key, though it can serve as a fallback key for pairing devices. Other mechanisms, such as install codes or predefined network keys, can be used to ensure confidentiality within a ZigBee network and eliminate the “moment of insecurity”.
I hope this article has shed some light on the security considerations to weigh before deciding on a smart living environment. Keeping our connected world safe is not solely the manufacturer’s responsibility; end-users must also understand the risks such technology can bring to our connected world.
Link to sniffing guide:
References used during my personal research: