User Manual
Table Of Contents
- 1. Overview
- 2. RF Module Operation
- 3. XBee ZigBee Networks
- Introduction to ZigBee
- ZigBee Stack Layers
- Networking Concepts
- ZigBee Application Layers: In Depth
- Coordinator Operation
- Router Operation
- End Device Operation
- Channel Scanning
- 4. Transmission, Addressing, and Routing
- 5. Security
- 6. Network Commissioning and Diagnostics
- 7. Managing End Devices
- 8. XBee Analog and Digital IO Lines
- 9. API Operation
- API Frame Specifications
- API UART Exchanges
- Supporting the API
- API Frames
- AT Command
- AT Command - Queue Parameter Value
- ZigBee Transmit Request
- Explicit Addressing ZigBee Command Frame
- Remote AT Command Request
- Create Source Route
- AT Command Response
- Modem Status
- ZigBee Transmit Status
- ZigBee Receive Packet
- ZigBee Explicit Rx Indicator
- ZigBee IO Data Sample Rx Indicator
- XBee Sensor Read Indicator
- Node Identification Indicator
- Remote Command Response
- Over-the-Air Firmware Update Status
- Route Record Indicator
- Many-to-One Route Request Indicator
- Sending ZigBee Device Objects (ZDO) Commands with the API
- Sending ZigBee Cluster Library (ZCL) Commands with the API
- Sending Public Profile Commands with the API
- 10. XBee Command Reference Tables
- 11. Module Support
- Appendix A: Definitions
- Appendix B: Agency Certifications
- Appendix C: Migrating from ZNet 2.5 to XBee ZB
- Appendix D: Additional Information
XBee®/XBee‐PRO®ZBRFModules
©2011DigiInternational,Inc. 72
Message integrity Code
If APS security is enabled, the APS header and data payload are authenticated with 128-bit AES. A hash is
performed on these fields and appended as a 4-byte message integrity code (MIC) to the end of the packet.
This MIC is different than the MIC appended by the network layer. The MIC allows the destination device to
ensure the message has not been changed. If the destination device receives a packet and the MIC does not
match the destination device’s own hash of the data, the packet is dropped.
APS Link Keys
There are two kinds of APS link keys – trust center link keys and application link keys. A trust center link key is
established between a device and the trust center, where an application link key is established between a device
and another device in the network where neither device is the trust center.
APS Layer Encryption and Decryption
Packets with APS layer encryption are encrypted at the source and only decrypted by the destination. Since APS
encryption requires a 5-byte header and a 4-byte MIC, the maximum data payload is reduced by 9 bytes when
APS encryption is used.
Network and APS Layer Encryption
Network and APS layer encryption can both be applied to data. The following figure demonstrates the
authentication and encryption performed on the final ZigBee packet when both are applied.