Embed Size (px)
Citation preview
Security Working Group Overview
Open HouseJune 3, 2003
Ed Callaway
03214r0ZB
Copyright 2003 The ZigBee Alliance, Inc.
Organization
• Chair: Larry Puhl• Secretary: Tom Kevenaar• Technical Editor: Rene Struik• Security Group Member Companies:
HoneywellInvensysMitsubishiMotorolaNTRUNTSPhilipsZensys
AtmelBoschCerticomDanfossEmberFigure 8 WirelessFrance TelecomHelicomm
Copyright 2003 The ZigBee Alliance, Inc.
Scope and Charter
• To build a security architecture and Security Toolbox document which provides cryptographic tools and interfaces from which profiles may select security services to enable an adequately secure communications link
• To provide a Test Plan to allow for conformance testing of the tools and interfaces
• To assist profile developers in selecting the most appropriate tools and interfaces for their applications
Copyright 2003 The ZigBee Alliance, Inc.
ZigBee and Security
• ZigBee is working to develop standard solutions for a range of products with diverse security needs
• Cost, performance, complexity, flexibility, and ease-of-use are all factors to consider when choosing a security solution
• The security working group is developing a “Security Toolbox” that includes services to meet the needs of top-priority profiles
• Long-term goal: ZigBee Security Toolbox, complete with interoperability specifications and test plan to allow an application to get what it needs
Copyright 2003 The ZigBee Alliance, Inc.
What’s in 802.15.4?
• IEEE 802.15.4 contains a good crypto algorithm
• It’s called AES and it’s a “symmetric cipher”
– Sender and receiver encrypt and decrypt with the same key
• IEEE 802.15.4 supplies three services:
– Protects privacy of data to be transmitted (encryption)
– Prevents impersonation of legitimate devices (sender authentication)
– Prevents modification of transmitted messages (message integrity)
Copyright 2003 The ZigBee Alliance, Inc.
What’s in ZigBee?
• The ZigBee Security Toolbox builds basic services onto the IEEE 802.15.4 standard:
key establishmentkey transport
data protectionauthentication
• These basic services can be used to build secure network and application (i.e., end-to-end) communication links
• The application profile determines which basic services are needed for each application
Copyright 2003 The ZigBee Alliance, Inc.
Goals for this Meeting
• Joint discussions with other groups
• Discuss the basic services to be included in the Security Toolbox document
• Review the public-key proposal and discuss any improvements
• Vote to confirm the public-key proposal, select a new chair, and confirm the content of the Security Toolbox document
• Other topics: orphaning, backup, mobility, testing, potential attacks
