Implementing SE Profile: Joining PAN via Encrypted Comms

[GoogleCodeExporter]

Greetings,

I am working on setting up a ZigBee SE experiment. So far I have been able to 
successfully implement the Link Key establishment mechanism to include the 
validation of an Installation code with CRC and MMO for generating the Link 
Key, assigning the link key to the SED and providing the link key to the 
coordinator in anticipation of a Join Request. Now, I wanted to know if there 
is a way to send a join request between an XBEE-S2 setup using the Coordinator 
API Function set under XB24-ZB FW: 21A7 and an XBEE-S2 setup using the Router 
API Function Set under XB24-ZB FW: 23A7. I was under the impression that once 
the Link Key was generated and written to both the Coordinator and the 
Router/SED that the XBEE firmware would take over from there and automatically 
send an encrypted join request to the Coordinator using the Link Key who would 
in turn decrypt, verify and send the Network key encrypted using the link key 
to the Router/SED who would then decrypt, assign to itself and start comms. But 
clearly this is not the case because neither the MicroChip Sniffer or the Atmel 
RZUSBSTICK with the killerbee firmware piping traffic through a named piped to 
Wireshark detect anything other than a broadcast from the coordinator.  

I've looked through the XBEE-API and I haven't found anything that would 
facilitate initiating a join request to the coordinator; or maybe I have over 
looked it.

Has anyone using a similar scenario I described above successfully joined a 
Router/SED to a Pan using encrypted comms?

Thanks in advance.

Original issue reported on code.google.com by komp...@gmail.com on 29 Mar 2013 at 2:59

[GoogleCodeExporter]

Here is a little more detail and better explanation to my original posting -----

I am working on an ZigBee SE experiment using 2 XBEE-S2 modules with the 
following configuration and tools - 

Xbee Modules -
1) XBEE-S2 setup using the Coordinator API Function set under XB24-ZB FW: 21A7 

2) XBEE-S2 setup using the Router API Function Set under XB24-ZB FW: 23A7. 

Tools-
1) MicroChip sniffer with provided sniffer application
2) ATMEL RZUSBSTICK with killerbee firmware
3) Wireshark
4) XBEE-API
----------------
The intent here is to generate a link key using the link key generation using 
MMO and CRC checks as defined in the SE Profile Specification. Have the 
Router/SED send a join request to the Coordinator and have the Coordinator 
verify the request using the same Link Key. Once verified the Network Key is 
encrypted using the Link Key and sent to the Router/SED who in turn will 
decrypt and start comms using the network key.

So far I have been able to successfully implement the Link Key establishment 
mechanism to include the validation of an Installation code with CRC and MMO 
for generating the Link Key, assigning the link key to the SED and providing 
the link key to the coordinator in anticipation of a Join Request. 

I was under the impression that once the Link Key was generated and written to 
both the Coordinator and the Router/SED that the XBEE firmware function set 
would take over from there and automatically send an encrypted join request to 
the Coordinator using the Link Key who would in turn decrypt, verify and send 
the Network key encrypted using the link key to the Router/SED who would then 
decrypt, assign to itself and start comms, however it seems like this is not 
the case. I have two sniffers running - the MicroChip Sniffer and the Atmel 
RZUSBSTICK (using the killerbee firmware piping traffic through a named piped 
to Wireshark) - and neither detect anything other than a broadcast from the 
coordinator.  

I've looked through the XBEE-API and I haven't found anything that would 
facilitate initiating a join request to the coordinator; or maybe I have over 
looked it.

Has anyone been able to implement a join request with either clear or encrypted 
comms?

Thanks in advance ...

Original comment by komp...@gmail.com on 29 Mar 2013 at 3:31