The ZigBee smart-home wireless-networking standard is not safe enough to be used for critical purposes such as door locks and home-security systems, two Austrian researchers told attendees at the Black Hat security conference here this month.
Researchers Tobias Zillner and Sebastian Strobl, both with the IT-security firm Cognosec in Vienna, praised the ZigBee Alliance for developing and promoting tough security standards.
But, they said, ZigBee device makers often "only implement the absolute minimum to be complaint" with Alliance security standards, resulting in devices that are barely protected at all.
ZigBee is one of the oldest and mostly widely used low-power, short-range wireless networking standards, and there are thousands of ZigBee-connected devices on the market, ranging from "smart" light bulbs to industrial equipment.
The standard is quite secure, Zillner and Strobl said — at least on paper. Communication among all devices on a single ZigBee network is encrypted with a network key, messages between two devices are authenticated with a different key and "replay" attacks that repeat already-verified communications are impossible.
However, there are fundamental weaknesses. Network encryption keys must briefly be transmitted in an unencrypted format when a new device joins a network. Devices can always "fall back" onto default master keys if there's a communication problem, and in fact, some ZigBee devices use nothing else. And any new device on a network can request a master key from another device.
Zillner and Strobl performed an onstage demonstration in which a hacking tool, built from an inexpensive Raspberry Pi mini-computer, captured a ZigBee encryption key from a door lock.
The Raspberry Pi then opened the lock without the action registering on the lock's companion smartphone app. A burglar could use a similar tool to capture the encryption key as a homeowner used the smart lock, then return later when the homeowner was away and get in easily.
With some devices, no legitimate use is necessary to capture the code. Philips Hue smart light bulbs are constantly looking for new devices to pair with, Zillner and Strobl said, and hence can be easily reset to factory defaults. The Hue bulb will transmit an unencrypted encryption key upon reboot.
"But it's not a big deal if my neighbor accidentally turns off my light bulb," Zillner said.
That's not the case with a home-security system. The pair played a video of a demonstration in which they jammed the ZigBee signals used by a wireless security system, forcing a reboot in which the encryption keys were again transmitted in the clear.
In a conversation with Tom's Guide following the presentation, Zillner and Strobl admitted that jamming the signal alone would stop any wireless security system, whether it used ZigBee, Wi-Fi or cellular signals.
But, they added, the components of a good wireless security system would regularly send out "I'm alive" signals to verify network integrity — and many ZigBee-based systems, because of their low-power requirements, can't do so because they need to conserve battery life.
The upshot, Zillner and Strobl said, was that ZigBee is fine for light bulbs, coffee makers and other devices that don't affect physical or financial safety or security.
"You just shouldn't use it for anything important," Zillner told Tom's Guide.