Breaking Zigbee Crypto presented at SOURCE Boston 2010

by Travis Goodspeed,

Tags: Security

Summary : This lecture describes a vulnerability in the ZigBee Smart Energy Profile stack available from Texas Instruments for the CC2530 chip, as used in many Smart Grid devices. The ephemeral key generation is poisoned by a poor psuedo-random number generator, allowing for only 65,536 ephemeral keys. The ECQMV key exchange, which is used by ZigBee SEP, allows an attacker who knows a device's ephemeral key to extract its private key. In this way, it is possible to extract a signed keypair from a Smart Energy Profile device. The vulnerability's discovery, mitigation, and impact will be discussed in technical detail, as well as some expectations for remaining vulnerabilities as this one is patched.