Implementing SE Profile: Joining PAN via Encrypted Comms

XBee & XBee Gateway XBee - Zigbee
1

I am working on an ZigBee SE experiment using 2 XBEE-S2 modules with the following configuration and tools -

Xbee Modules -

  1. XBEE-S2 setup using the Coordinator API Function set under XB24-ZB FW: 21A7

  2. XBEE-S2 setup using the Router API Function Set under XB24-ZB FW: 23A7.

Tools-

  1. MicroChip sniffer with provided sniffer application
  2. ATMEL RZUSBSTICK with killerbee firmware
  3. Wireshark
  4. XBEE-API

The intent here is to generate a link key using the link key generation using MMO and CRC checks as defined in the SE Profile Specification. Have the Router/SED send a join request to the Coordinator and have the Coordinator verify the request using the same Link Key. Once verified the Network Key is encrypted using the Link Key and sent to the Router/SED who in turn will decrypt and start comms using the network key.

So far I have been able to successfully implement the Link Key establishment mechanism to include the validation of an Installation code with CRC and MMO for generating the Link Key, assigning the link key to the SED and providing the link key to the coordinator in anticipation of a Join Request.

I was under the impression that once the Link Key was generated and written to both the Coordinator and the Router/SED that the XBEE firmware function set would take over from there and automatically send an encrypted join request to the Coordinator using the Link Key who would in turn decrypt, verify and send the Network key encrypted using the link key to the Router/SED who would then decrypt, assign to itself and start comms, however it seems like this is not the case. I have two sniffers running - the MicroChip Sniffer and the Atmel RZUSBSTICK (using the killerbee firmware piping traffic through a named piped to Wireshark) - and neither detect anything other than a broadcast from the coordinator.

As mentioned above I am using the XBEE-API. I’ve looked through the API and I haven’t found anything that would facilitate initiating a join request to the coordinator; or maybe I have over looked it.

Has anyone been able to implement a join request with either clear or encrypted comms? If so what API did you use?

Thanks in advance …

2

It does not appear that the SE firmware is running on the modules, have you installed the latest SE firmware?

3

Hello,

I noticed your post on the Digi forum. I’m trying to do something very similar - implement an end device using the XBee module, and I was wondering about a couple of things:

1.How did you generate the link key from the installation code? Did you have to write your own MMO code? Have you got code or a link to the same, that you’d be willing to share?

  1. Did you find a way to implement SE 1.x functionality, via the Xbee module? I was hoping that there would be some python modules that would implement the application layer stuff, or otherwise provide a way to invoke it within the modules, without having to write it myself. Sounds like you may have been looking for something similar - did you have any success with this?

  2. Generally, do you have any advice for getting SE functionality working using the XBee modules?

Thanks much!