Analysis And Improvement Of Security Layer For Z-Wave Protocol

Z-Wave is a new protocol of Internet of things in smart home field. Compared tothe Zigbee protocol, Z-Wave protocol has a low-cost, low-power, high-reliabilitycharacteristics, which make Z-Wave protocol more appropriate for simple homeapplications. Z-Wave protocol is simple and efficient, but there are also some problemswith it, such as the low efficiency of message transmission, the weak load capacity ofthe node, and the poor rate of data transmission. From the aspect of Z-Wave security,the main achievements are as follows：（1）The issues that may exist in Z-Wave security layer are discussed, whichspecially include the defects in the distribution scheme of Z-Wave network key and theprocedure of secure communication.（2）For the flaws in original key distribution scheme, several commonly usedkey distribution scheme are analyzed, and a compatible key distribution schemedepending on hash collision is introduced. By constructing Hash collision, a temporarykey which computed from different device manufacturer’s private key can be used toprotect the network key from potential attacks. The scheme greatly improves thesecurity of the system, and ensures the compatibility of the equipment as well.（3）Regarding the model of Z-Wave secure communication, the ideal scenario iselaborated in details. Moreover, caching mechanism is introduced into the idealtransmission model mentioned above. Through caching the key pair, Z-Wave protocolcould encapsulate secure payload package without exchanging nonce any more. To beconcluded, the proposal is able to improve the transmission efficiency of the transportstream, and effectively reduce the average response time between the nodes.（4）The key distribution scheme based on Hash collision, and as well as thesecure communication model based on caching mechanism are simulated in theOMNeT++platform. The analysis of the results of the two simulations demonstratesthat the key distribution scheme based on Hash collisions has better security to theoriginal scheme and the Cache-based secure communication model can effectivelyreduce the time of the communications.