I want to set up the encryption in the field by broadcasting session key, can you give steps/commands which I can use to analyze this feature?

            In order to broadcast the session key in the field, a provisioning key must be set in advance. The provisioning key encrypts the session key and ensures that no unencrypted key is ever broadcast. At the factory or at some point prior to field deployment the provisioning key would be set on all devices with the ATPK command:


            Note that 128-bit AES encryption is used and the key is ASCII coded hex as shown above. Next, a session key is set at the coordinator with the ATSK command:


            Next, the session key is broadcast to endpoints using the ATKU and ATKL to broadcast the upper and lower halves of the key respectively. The commands at the coordinator to broadcast the key to endpoint with ID 12345678 are:


            At this point the endpoint now has the session key and encryption is enabled at the endpoint by default. To verify, use the ATEE command to verify that it returns 1 meaning the keys are set and encryption is enabled. The ATKU and ATKL commands can be used repeatedly to pass the keys to multiple endpoints, and once complete the coordinator can enable encryption with the ATEE command:


            Encrypted communication will now operate automatically and messages can be sent the same way as if no encryption was enabled. For instance, the endpoint can send the message “hi” to the coordinator using the basic ATSP command:


            The message arrives at the coordinator the same way as if no encryption was enabled.

            Updated: 18 Sep 2018 01:35 PM
            Help us to make this article better
            0 0