Security evaluation of the z-wave

سال انتشار: 1400
محل انتشار: چهاردهمین کنفرانس ملی علوم و مهندسی کامپیوتر و فناوری اطلاعات
کد COI اختصاصی: CECCONF14_008
زبان مقاله: انگلیسی
تعداد مشاهده: 290

نویسندگان

Department of Computer Engineering, Hakim Sabzevari University, Sabzevar, Iran

چکیده

In this article, we will examine the security of Z-Wave. The Z-Wave wireless communication protocol is widely used in home automation networks and wireless sensors. Z-Wave is based on a proprietary design and a single chip dealer. There has been some scientific and practical security research on home automation systems based on the ZigBee and X۱۰ protocols, however, no public vulnerability research has been found on Z-Wave before. This device enables us to decrypt the various layers of the Z-Wave protocol and examine how to perform encryption and authentication of the data source in the application layer. In a part of the text, we will get acquainted with the types of threats of this protocol and find out what parts Z-Wave consists of and compare it with other protocols. We will discuss the advantages of Z-Wave and check the security problems. A vulnerability was first discovered in an AES* encrypted ZWave door lock that can be remotely exploited to unlock a door without knowing the encryption key and since the key has changed, the following network messages, like in "open door", will be ignored by the established network controller. It reinforces encryption standards for transfers between nodes and imposes new pairing procedures for each device, with a unique PIN or QR code on each device.

کلیدواژه ها

AES; Advanced Encryption Standard

مقالات مرتبط جدید

اطلاعات بیشتر در مورد COI

COI مخفف عبارت CIVILICA Object Identifier به معنی شناسه سیویلیکا برای اسناد است. COI کدی است که مطابق محل انتشار، به مقالات کنفرانسها و ژورنالهای داخل کشور به هنگام نمایه سازی بر روی پایگاه استنادی سیویلیکا اختصاص می یابد.

کد COI به مفهوم کد ملی اسناد نمایه شده در سیویلیکا است و کدی یکتا و ثابت است و به همین دلیل همواره قابلیت استناد و پیگیری دارد.