encryptionaeszigbee802.11p

Decrypting ZigBee paquets


I would like to decrypt Zigbee paquets from a Xiaomi Aqara switch. Here is the raw encrypted frame I sniffed on a network:

Raw encrypted frame

61 88 64 47 24 00 00 8A 5C 48 02 00 00 8A 5C 1E 5D 28 E1 00 00 00 01 3C E8 01 00 8D 15 00 01 00 01 12 00 04 01 01 62 18 C3 0A 55 00 21 01 00 AC 4C 76 AF 8A FB

Here is the same decrypted frame (decrypted with Ubiqua):

Decrypted frame

61 88 64 47 24 00 00 8A 5C 48 02 00 00 8A 5C 1E 5D 28 E1 00 00 00 01 3C E8 01 00 8D 15 00 01 EA 59 DE 1F 96 0E EA 8A EE 18 5A 11 89 30 96 41 4E 05 A2 43 8A FB

Here is the same frame detailed:

MAC Header :    61 88 64 47 24 00 00 8A 5C
MAC Payload:    48 02 00 00 8A 5C 1E 5D
NWK Aux Header: 28 E1 00 00 00 01 3C E8 01 00 8D 15 00 01
NWK Payload:    00 01 12 00 04 01 01 62 
APS Payload:    18 C3 0A 55 00 21 01 00 
NWK MIC:        AC 4C 76 AF 
MAC Footer:     8A FB

I also know the ZigBee network key:

AD:8E:BB:C4:F9:6A:E7:00:05:06:D3:FC:D1:62:7F:B8

I would like to write a code for decrypting the paquets, but I can't figure out how to do this. I know the algorithm used is EAS-128, I try online tools like cryptii, but I can't output the decrypted frame presented above.

I also do not know which version should be used (CBC, CFB, OFB, CTR, GCM, ECB) neither what is the initialization vector IV.

Any explaination, working solution with online tools, or code written in Python, node.js, PHP or C/C++ is welcome.


Solution

  • The algorithm is AES-128-CCM*, detailed in the section 4.3.1.1 and annex A of the ZigBee specification.

    Detailed answer with the frame in the question: https://lucidar.me/en/zigbee/zigbee-frame-encryption-with-aes-128-ccm/