ZigBee is exposed a serious security vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62201566174
Type myhack58
Reporter 佚名
Modified 2015-08-25T00:00:00


1, ZigBee is exposed a serious security vulnerability

Along with technology the rapid evolution of IOT(The Internet of Things, IoT)the concept once again on the rise, people all around the daily necessities, terminal equipment, and household appliances also gradually been given of the network connection capacity. However, as the connection of the above devices the widespread use of the important wireless Internet standard one, ZigBee technology has recently held 2 0 1 5 black hat conference(BlackHat2015)is exposed there are serious security vulnerabilities, caused the industry wide attention.

ZigBee is a low-cost, low-power, short-range wireless network communication technology. Due to its name(ZigBee, Zig“buzz”, the Bee“bee”)derived from the bees of a character dance, so this Protocol is also known as the ZigBee Protocol. At the theoretical level, it is based on IEEE802. 1 5. 4 standard low-power local area network Protocol, mainly suitable for automatic control and remote control field, can be embedded in various devices for data communication transmission. Currently, the ZigBee Protocol has been widely present in the such as smart light bulbs, smart locks, motion sensors, temperature sensors, etc. a large number of emerging IOT devices.

However, in each of the companies is still the focus in the above-described device connectivity, compatibility and other aspects, but no attention to some of the commonly used communication Protocol in terms of security progress is lagging behind. This is not, in the just-concluded 2 0 1 5 black hat conference, security researchers noted that, in ZigBee technology implementation of the method in the presence of a serious defect. While the defect related to a variety of types of devices, hackers are likely to harm the ZigBee network, and“take over the network of all connected devices of control”。

The researchers said that for each piece of equipment assessed the practice of the security analysis show that the use of ZigBee technology, although the equipment of the fast networking brings convenience, but because of the lack of effective security configuration option, resulting in the device during the pairing process there is a vulnerability, hackers will have the opportunity from the outside sniffing the network switching key. While the ZigBee network security is completely dependent on the network key of the confidentiality, so this vulnerability will be very serious.

2, the mishap was actually derived from the use of the default link key

The security personnel in the analysis, they pointed out specific issues that the ZigBee standard Protocol required to support the insecurity of the initial key transfer, plus the manufacturer for the default link key-makes hacker a chance to invade the network, by sniffing a device to hack the user configuration file, and use the default link key to join the network.

However, the default link key using the network key the confidentiality has brought great risks. Because of ZigBee's security largely depends on the key confidentiality, i.e. encryption key the security of the initialization and transmission process, so this turning back the clock to the default key using the mechanisms must be seen as a serious risk.

Security personnel said that if an attacker is able to sniff one device and use the default link key to join the network, then the network in the key is no longer secure, the entire network of the communication confidentiality can also be determined as unsafe.

In fact, the ZigBee Protocol standard itself, the design problem is not caused the above-mentioned vulnerability of reasons. The vulnerability of the root causes more likely to be directed because of the manufacturer in order to produce a convenient, easy to use, can be used with other networking devices for seamless collaboration of devices, but also to maximize the drive down equipment costs, without taking into account the security level on the use of the necessary safety considerations

Security personnel on ZigBee vulnerability summary

Security personnel noted that, in the smart bulbs, smart locks, motion sensors, temperature sensors, etc. to do the test in the display, these device vendors deploy only the minimum number of required authentication functions. Other increase the security level options are yet to be deployed, nor open to the end user. While this case brings security risks, their severity will be very high.

In summary, as the wireless router will be exposed there is a default admin password for security vulnerabilities, are now being deployed in a large number of intelligent devices in the ZigBee Protocol is also equipment manufacturers feel free to abuse, resulting in the use of the agreement of the household or Enterprise connected devices exposed to the malicious attackers coveted. Thus, in ensuring the smart device to obtain the excellent interoperability and accessibility at the same time, how can consumers take into account the security level of reliable protection, is currently intelligent device manufacturers the most The do.