Secure Communications

This set of examples demonstrates how to use the Zigbee Security features on the Module. The security API is simple, just a few lines of code are required to enable security. The Module supports two key management schemes: Obviously using the coordinator to distribute the key is slightly weaker, as the key could be intercepted during network formation, but this way you don’t have to pre-load all the routers with keys. The Secure Communications examples can demonstrate both key management schemes by defining either USE_SECURITY_MODE_PRECONFIGURED_KEYS (the default) or USE_SECURITY_MODE_COORD_DIST_KEYS. Note that both Router and Coordinator must have the same option defined.
 * Pre-configured keys, where all devices have the same key loaded on them.
 * Coordinator key distribution, where the coordinator sends the key in cleartext to when the device joins the network.

Using Pre-Configured Keys
The Secure Communications examples include a Coordinator and a Router. First load the Coordinator example and start the coordinator. The coordinator will start the network and wait for other devices:



Next, start the Router and observe the router join the network and begin transmitting messages:



Now that the Router has joined the network, the Coordinator will display received messages:



Configuring Security
The Module makes configuring security very easy, with just a few commands: If using coordinator key distribution you will want to control the network joining process. By default any device is allowed to join the network. This can be done using the setJoiningPermissions command if using the Simple API.

Using Coordinator Distributed Keys
By defining the option USE_SECURITY_MODE_COORD_DIST_KEYS in both Router and Coordinator we can see how Coordinator Key Distribution works. Start the Coordinator first, and then the router. The coordinator will display that pre-configured keys is disabled, so the Coordinator is handling key distribution.

Fun with Security
Here are a few fun experiments you can do once you have the network running with security successfully:
 * 1) Run the secure example on the coordinator with pre-configured keys and the normal (without security) example on the router. You’ll see that the router cannot join the network; its state is “DEV_END_DEVICE_UNAUTH” and then to “DEV_HOLD” indicating that it gave up trying to join the network. Now load the security example on the router; you’ll see that the devices can communicate again.
 * 2) Change the key on the router and restart. Again you’ll see that the router cannot join the network, instead having a state of “DEV_END_DEVICE_UNAUTH” and “DEV_HOLD”. Now change the key on the router back to the same as the coordinator and restart the router; you’ll see that the devices can communicate again.

''Next Set of Examples: Fragmentation Example