A Study on Improvement of Device Removal Processes from ZigBee Network

摘要

Device removal from TC starts when TC transmits a remove-device command to ZA. ZA which received the remove-device command, transmit a remove-device command back to ZB. When commands are all transferred, TC deletes ZB from the device management list and all devices in the network delete their shared keys with ZB. At this time, the remove-device command from TC is encrypted by LKA, however, the leave command from ZA to ZB is not encrypted. The proposal from the thesis is as follows. First of all, make sure that devices which transmitted a command have the capability to be identified by including MIC, a shared key between two devices in the command that cannot ensure its integrity as it is not encrypted. Second, make counterfeit and falsification of a command by other devices impossible through encryption of the command for a removal process with a shared key between two devices. The result of the thesis as follows. First of all, upon possible counterfeit and falsification of a command originating from a leave command which has not been encrypted being transmitted from ZA to ZB, ensure the integrity of the command via encryption with LKAB and allow the sender of the remove-device command to be identified as TC by including MIC (LKB) in the leave command. Second by including MIC(LKB) value in the leave command, the sender of leave command can be identified as ZB, then through encryption with LKAB, other devices which do not know the code are made impossible to counterfeit or falsify the command. The improved proposal for device removal processes from ZigBee network assumes that there is a key safely shared between devices. Hence, when the shared key is exposed to other devices counterfeit and falsification becomes available with the key, further, other devices can disguise themselves as proper devices. Thus, additional research is necessary to securely store and manage the shared key.