has always been a reliable smart home protocol ZigBee, so black hat black? -Nanjing IoT sensor merchants to join the headquarters

What kind of wireless communication protocol is best for smart homes? ZigBee is the only. In recent years, in order to compete for the potential of the smart home market, around the various types of wireless protocol standards of the controversy, but undeniably, ZigBee earned enough eyeballs, quite a lot of attention and trust. In the field of smart home, compared to Bluetooth, WiFi, Z-wave, RF and other technical agreements, ZigBee has been dazzling, few negative news, is legendary, popular, and many people default to the most suitable for smart home protocol standards.

And so, on the one hand and ZigBee agreement itself inseparable, on the other hand, we would like to thank some of the company's strong heat and publicity.

--Technical level, ZigBee is not for the smart home, but for the smart home and long. Smart home devices need to have adequate security, stability, operational fluency, strong equipment load capacity and low power consumption, and ZigBee can be satisfied, and satisfied in place, so even if ZigBee was originally mainly used in industrial areas, and now does not affect its charm in the field of smart home.

--promotion level, many well-known enterprises have adopted, some strength companies vigorously promote. If you say that some people in the village use ZigBee protocol, you may scoff, hehe, not to mention trust, but if Samsung, LG, Texas Instruments, Logitech, Philips, Millet and other well-known enterprises have adopted it? Will you have a good opinion of ZigBee? Not only that, some of the company's strong propaganda is also critical, such as the ZigBee Alliance Board of Directors, the domestic early adoption of ZigBee IoT leader IoT sensor in the promotion will focus on the Advanced encryption algorithm ZigBee, so that its security in the hearts of consumers, For ZigBee to establish a good reputation, so as to promote the development of ZigBee in the Chinese region.

Therefore, regardless of from which point of view, ZigBee agreement has enough reason to be welcomed by smart home manufacturers. However, just after the ZigBee alliance announced that Samsung Flag brand SmartThings became a member of the board after a few weeks, black Hat Congress poured a basin of cold water, pulled cold cold water: The use of ZigBee protocol smart home Equipment there are serious loopholes.

Say security researchers (COGNOSEC company) found that the use of ZigBee protocol devices are serious loopholes, how serious? Hackers are likely to invade the smart home, arbitrary control of networked door locks, alarm systems, and even switch bulbs. According to the previous news, this kind of thing should happen in WiFi, Bluetooth or z-wave body, how is zigbee in the recruit? This includes the Cognosec company and the "small" (original author) credit.

Black Hat Conference is recognized as the world's top event for the information security industry and the most technical information security conference, with a number of professional teams and experts attending each year. They can enjoy the black all the technology products, without mercy, of course, the purpose is to exchange and improve the safety of enterprise products. The COGNOSEC company published a paper in this conference, pointing out a flaw in the implementation of ZigBee protocol. The company said the flaw involved multiple types of equipment, which could harm the ZigBee network and "take control of all connected devices within the network."

If Cognosec company will not be so, medal and the author of the article more than half, especially the topic take very good--"black hat assembly, the use of ZigBee protocol smart home Equipment there are serious loopholes" (Specific content please Baidu brain supplement), readers do not see the content is not related, Just take a look at the title to understand: ZigBee smart home Device there are serious loopholes.

ZigBee protocol Smart Home Equipment There are serious loopholes, it seems that ZigBee protocol is difficult to escape a robbery, but this idea is "lazy people" idea, fully prove the "title Party" victory. How does ZigBee, which has always been more reliable, have serious problems? Just look at the title is not, the key to carefully read the content.

Obviously, the title will let us quickly think of the ZigBee protocol is problematic, but there is no ZigBee protocol in fact there are too many things. Both the original author and the Cognosec company actually gave a description at the end.

"The root cause of the vulnerability is more of a point where manufacturers are making easy-to-use devices that work seamlessly with other networked devices, while at the same time lowering costs, rather than the ZIGBEE protocol standard itself." "--This is the author's analysis.

"The short plates and limitations we found in ZigBee were made by manufacturers, and companies wanted to make the latest and greatest products, and now it means being able to connect. Simple components such as bulb switches must be compatible with a variety of other devices, and it is no surprise that safety requirements are rarely taken into account-more attention is given to how to reduce costs. Unfortunately, the severity of the last layer of security breaches in wireless communication standards is very high. "-This is the Chinese version of the Cognosec company's researchers.

In fact, it is not difficult to find that the always reliable smart home protocol ZigBee, and did not give Black hat black, but by some quick-buck manufacturers "pit off." So now the problem is, in spite of the human factor (intentionally ignoring the standard security), how much is the chance of the ZigBee protocol being compromised?

"In the general security level of ZigBee, there are typically two keys. One is the key of the Trust Center. The other is the network key that actually transmits the data on the network. Finally want to crack ZigBee network, must get the latter 16 bytes strong password network key. Since ZigBee is taking the AES 128 encryption algorithm. In the absence of this network key, it is not possible to think of brute force. There is no precedent to crack.

The rate of violent cracking is extremely low. Generally only 300key/s, even take the so-called GPU acceleration, the speed is just 10000 key/s, for a 8-digit alphanumeric character of the complex password cracking time will take 2,900 years! Even with 100 units distributed, it will take 29 years!

Not to mention ZigBee's key is a 16-byte strong password. ”

Above is an answer from an IoT security expert who has sufficient confidence in the security of ZigBee protocols. Do not ask why this line, the original interview message content is such, but enough to explain as long as the previous time to do good, hackers want to crack ZigBee smart home equipment, difficult! As for "The use of ZigBee protocol smart home Equipment there are serious loopholes", there is a precondition: manufacturers are not responsible or technology is not in place.

One last question. Recently, the national new husband actor in the 16th session of the Swimming World Championships, the project is the men's 100-meter freestyle, the creation of Asian miracle, broke the yellow limit, the influence is considered to be comparable to Liu Xiang's first 110 meters hurdles. Apparently, the small meat actor has the 100-meter freestyle to win the title ability, but if give him to arrange 80 meters of track, did not win the championship, can explain he 100 meters not?

If ZigBee has 100 security settings, some manufacturers only use 80 or only 90, the results of the device was cracked, is the ZigBee protocol security problems? The answer may be similar to the answer to the last question.

Headquarters experience marketing Business promotion address: Jiangning Address: Nanjing Jiangning District Mo Zhou East Road 12th Zijin (jiangning) Technology Entrepreneurship Special Community third floor (warmly welcome to Nanjing IoT headquarters to discuss business/join, business cooperation)

Nanjing IoT Sensor Investment Headquarters hotline: 189 3601 0121 Contact: Zhang Jincheng (Offline channel director)

IoT Smart Home Exchange qq:223 221 4905 IoT Smart Home Exchange QQ Group : 383 315 850

has always been a reliable smart home protocol ZigBee, so black hat black? -Nanjing IoT sensor merchants to join the headquarters