Security and encryption
How to enable network security
To enable secure communication, configure the following parameters with the same value in all the
devices of the network.
1. Set the AES Encryption Enable (EE) parameter to 1.
2. Set the AES Encryption Key (KY) parameter to any 32 hexadecimal character string. Setting this
parameter enables the encryption/decryption handshake. Once this parameter has been set, it
is impossible to retrieve the actual value.
Lab: Encrypt a simple DigiMesh network
Follow these steps to add a security level to your network by encrypting communication between the
three XBee modules. Note that this feature is applicable for both AT and API operating modes.
If you get stuck, see
1. Follow the steps in
2. When you have added the modules to XCTU and changed the value of the corresponding
settings, the next step is to enable security on each module. To do so, set the EE and KY
parameters as follows and write the new values:
Once you have done this, the wireless data is encrypted and the communication secure.
Test your encryption
Once you have completed the previous steps, try these methods to see how it's working:
1. Send a message from SENDER to the other two XBee devices.
You will see that the message was received correctly, but because of the
encryption/decryption process, you won't notice any difference in the way the XBee modules
display the information.
2. Now try enabling the encryption on one device but not on the others. Or, enable encryption on
the three devices but with a different key in one of them.
In both of these instances, the receiver modules will not receive the data.
Additional recommendations
Many external agents can compromise the integrity of your security configuration. To maintain the
integrity of your secure network, remember the following:
Safeguard the value of your KY parameter. Do it virtually, but physically as well. Most
n
communication security holes are due to inadequate information protection.
The key you choose should not be easy to guess. While an encryption key can be any 32-bit
n
hexadecimal value, you can create a more complex key by combining hexadecimal characters.
XBee-PRO 900HP DigiMesh Kit User Guide
Troubleshooting for XBee-PRO 900HP DigiMesh Kit
Lab: Set up a simple DigiMesh
How to enable network security
kit.
network.
130