-48-
v7.3
Wireless Sensor Networks
Meshlium
X
treme
10.2.1.2. Encryption setup
Link layer key management (AES-128)
This feature is provided by XBee modules.
Encryption is this layer provided through the AES 128b algorithm. Specifically through the type AES-CTR. In this
case the Frame Counter field has a unique ID and encrypts all the information contained in the Payload field which
is the place in the link layer frame where the data to be sent is stored. The way in which the libraries have been
developed for module programming means that encryption activation is as simple as running the initialization
function and giving it a key to use in the encryption.
{
xbee.encryptionMode(1);
xbee.setLinkKey(key);
}
In Manager System, on Sensor Network section, users can encrypt messages on link layer. It can be achieved by
setting the parameters:
•
Encrypted mode:
true/false (by default false)
•
Encryption Key:
Must be 16 characters
See section “XBee module setup” for more details about setting encryption.
10.2.1.2.1.
Application layer key management
Meshlium is capable to properly receive encrypted data from Waspmote. The coding process is made in the
application layer, so it is Waspmote and Meshlium processor and not XBee module who encrypts and decrypts
the messages.
The user have to set a key for the encryption in Waspmote and Meshlium.
In Manager System it can be found:
Sensor Networks → Encryption
Figure: Encryption key setup
For each Waspmote can send frames to Meshlium, Waspmotes keys can be added to an encryption Key file. In this
interface the user must specify the node ID and the Waspmote AES secret key (128, 192 or 256 bits).
After defining the above fields to press the button “Add Waspmote”. A new entry is generated in the left list.
To delete Waspmote of list, select the Waspmote and press “Delete Waspmote”. The encrypted frames received
from this node cannot be decrypted anymore.
The AES secret key is necessary to recognize the frames sent each Waspmote to Meshlium.