Fashewar ZigBee, 'Haɗarin Tsaro' Haske mai Wayo zuwa 'Ƙarshen Matattu'?

[rubutu / Injiniya LED Xuchao Peng] 2015 kwanan nan da aka gudanar a Las Vegas \u0026 middot; Black Hat (BlackHat), masu binciken sun fitar da takarda. Takardar ta yi nuni da cewa, aibi a cikin ka'idar ZigBee, filin wasa na LED yana haskakawa dan gwanin kwamfuta na iya cutar da wannan hanyar sadarwa ta ZigBee, domin samun iko da duk na'urorin da ke cikin hanyar sadarwar. akan sirrin maɓallan hanyar sadarwa. Kuma, fitilun filin wasa daga firikwensin zafin jiki mai kaifin kwan fitila kamar yadda makullin ƙofar suka gwada nuninmu, masu siyar da waɗannan na'urori don tura ƙaramin adadin buƙatun don tantancewa, babu wasu zaɓuɓɓuka don haɓaka matakin tsaro, don haka ba da dan gwanin kwamfuta yana ba da matukar dacewa. Masu binciken sun kara da cewa sun rubuta. Babban wutar lantarki ya haifar da hasken ambaliyar ruwa ya ruwaito cewa lahani ya ƙunshi nau'o'in kayan aiki iri-iri, mai gwanin kwamfuta zai iya amfani da madauki na na'urorin yarjejeniya na ZigBee, da hankali ya mamaye gidan ku, kyauta don sarrafa makullin cibiyar sadarwar ku, tsarin ƙararrawa, har ma da iya. don canza kwararan fitila. Na wani lokaci ya haifar da damuwa a cikin masana'antar. backpfrontp present, ZigBee (Zigbee yarjejeniya) dangane da IEEE802.15.4 misali, 1000W LED ambaliya haske a matsayin low-cost, low-power, short-keway mara igiyar waya fasahar sadarwa sadarwa, riga yadu a cikin fitilu, kamar mai wayo, Makullan ƙofa mai wayo, na'urori masu auna motsi, na'urori masu auna zafin jiki da sauran manyan na'urorin sadarwar da ke fitowa, kuma suna da babban ikon mallaka. Don haka, masu binciken sun ce gaskiyar ko, a matsayin taron Black Hat, zai haifar da samfuran bayanan sirri na rikicin tsaro, Injiniya LED kuma ya gudanar da nasa binciken. a matakin yarjejeniya, hasken rami na LED lamarin ba shi da asalin fasaha kuma maɓallin izinin hanyar sadarwa na ciki yana da wahalar mamayewa. Shun Zhou daraktan kayayyakin fasaha na Jiang Hongfei. backpfrontp A cewar gabatarwar Jiang, Zigbee mara igiyar waya yarjejeniya ɗaya ce daga cikin mafi amintattun fasaha don ka'idar ZigBee, bai riga ya bayyana tare da precedent na hutu na duniya ba.Engineering LED bay light sanar, Zigbee tsaro saboda tsarin sa na tsari, wanda ke amfani da boye-boye AES (Babban ɓoyewa). Tsarin boye-boye), ƙwaƙƙwaran fasahar ɓoyayyen katin banki 12x, amma, tari Z don samar da cikakkiyar tallafin Zigbee, CC2530 na goyan bayan ɓoyayyen ɓoyayyen 128bit AES algorithm a cikin tari na yarjejeniya don gujewa tsangwama na kayan aiki iri ɗaya, da sauran na'urori don hana satar bayanan. . A bayyane ya ce, AES sabon ɓoyayyen algorithm za a iya amfani da shi don kare bayanan lantarki, wanda ke amfani da fakiti, fakitin maɓalli na simmetric, da fakiti (16 bytes) don ɓoyewa da ɓoye bayanan 128. Yana amfani da tsarin madauki a cikin wannan sake zagayowar ana maimaita ƙaura. (permutations) da sauyawa (masu maye gurbin) bayanan shigar da bayanai, don tabbatar da tsaro na tsarin. Wakilin Jiang Hongfei. backpfrontp da ke ƙasa Injiniya LED fagen haske kuma ya taƙaita Zigbee hanyoyin tsaro guda uku, don inganta tsaro na bayanai: backpfrontp 1), tsarin ciki na tsaro; backpfrontp ZigBee yarjejeniya don samun amintacciyar hanyar sadarwa, duk na'urori dole ne a ƙirƙira su madubi An kunna tuta ta riga-kafi, saita kalmar sirri ta tsoho, ana iya saita tsohuwar kalmar sirri zuwa kowace na'ura akan hanyar sadarwa ko saita shi ga mai gudanarwa kawai, kuma sa'an nan kuma rarraba zuwa duk na'urorin idan cibiyar sadarwa. Lura cewa, a lokuta masu zuwa, za a rarraba kalmar sirri ga kowannensu don shiga kayan aikin cibiyar sadarwa. Don haka, shiga cikin hanyar sadarwar yayin lokacin rauni ya zama, amma yana ƙoƙarin kammala shi a cikin milli seconds goma. backpfrontp 2), tsauraran kula da hanyar sadarwa; A cikin amintacciyar hanyar sadarwa, lokacin da na'ura ta shiga cibiyar sadarwar za a gaya wa cibiyar amintattu. Cibiyar Kiredit ta ƙyale ta ci gaba da kasancewa a cikin na'urar sadarwar ko kuma an hana samun damar hanyar sadarwa wannan haƙƙin zaɓin na'urar, filin wasan yana haskaka hasken wutar lantarki cibiyar amintattu za ta iya yanke shawarar ko za ta ba da damar na'urar shiga hanyar sadarwar ta kowace hanya mai ma'ana, ɗayan Cibiyar Amintacciya ce kawai. na'ura ɗaya a cikin ɗan gajeren lokacin taga don shiga cibiyar sadarwar, wanda mai amfani ba zai iya ƙetare tsarin lasisi ba; backpfrontp 3), tsaro bayanan aikace-aikacen; Amintaccen cibiyar na iya sabunta kalmar sirri ta hanyar sadarwa bisa ga hukuncin nasu. Masu haɓaka aikace-aikacen don canza kalmar wucewa ta hanyar sadarwa na manufofin, ana iya amfani da tsohuwar Cibiyar Amincewa don tantance manufofin daidai da aiwatar da ma'aikatan ci gaba, za a sabunta dabarun a tazara na yau da kullun daidai da zagayowar kalmar sirri ta hanyar sadarwar ku. backpbackpfrontp Bugu da kari, yawancin masana'antun cikin gida na yarjejeniyar fasaha ta Zigbee, irin su gero, fitulun motsa jiki Lenovo, OU da dai sauransu, waɗanda suka dogara ne akan yarjejeniyar da aka gyara bisa yarjejeniyar haɗin gwiwa, don zama ƙa'idodin mallakar kansu, don haka tare da sauran tsarin Zigbee ba sa yin mu'amala da su. Jiang Hongfei da aka ambata, bisa la'akari da sama, ya yi imanin cewa masu kutse suna son shiga cikin tsarin wahala yana da girma sosai. backpfrontp gaskiya, ga sosai sophisticated sana'a hackers, kuma watakila ma mamayewa na kaifin baki gida na'urorin rashin daidaito yiwu, amma ga talakawan mai amfani, wannan abu ba za a iya gane. Bugu da ƙari, don kashe ƙoƙari mai yawa, ma'anar ƙarya? Don haka don Black Hat ya fashe haɗarin tsaro na Zigbee, mun ɗan ɗan huta, da kyau samfuran hasken haske sun tafi! Baya