In Zigbee there is are two keys used for encryption: the Link Key
and the Network Key
. The Link Key
is used during the network association process, and the Network Key
is used to encrypt all traffic once the device is "associated" (also referred to as "joined") to the network.
If the device is HA (Home Automation), the security handshake goes something like:
- Joining Device sends
Association Request
to the Trust Center (usually address 0x000) - Trust Center responds to joining device with a
NWK Key
packet. The contents of this packet are encrypted using the well know Home AutomationLink Key
.
You should be able to decrypt the NWK Key
packet if you know the Link Key
. I'm pretty sure I can't post the key (sorry), but you can probably find it online.
As for the actual encryption algorithm, that's defined in the main Zigbee Specification, which I believe you have to be a member to gain access too. There are a few open source Zigbee stacks though ZBoss and FreakZ.
You might also look at Wireshark, I believe they have a decent Zigbee packet decoder though I haven't used it personally.