[REQUEST] Open ZigBee Coordinator Backup Format support for Zigbee network backups and restoring from and to ZiGate #112
Comments
|
@badzz says that he may be working on implementing the new radio API zigpy/zigpy#865 (reply in thread) The whole purpose of this radio API change is to remove the need for radio libraries to have their own independent tools, since this all will be done by zigpy-cli or within zigpy directly. |
|
I have a security concern as regards to this backup tool. For instance if you are able to backup a Zigbee dongle and get it restore somewhere else, this a huge security breach |
|
I think making one service in HA for doing the backup that user can using doing automation is OK. And its the same with your keys to your house or car dont writing the address on them so the finder is not knowing where its can (ab)using them !! |
|
I do not discuss the purpose of the backup, what I'm concern with is the fact that the backup can be use somewhere else and that is a security breach. |
|
Silabs is doing nearly the same and its possible restoring on one other chip but must burning new MAC on it and its can only being made ones if not doing one chip erase with one J-Link probe. But Silabs can restore with wrong MAC of the coordinator but then is the bindings not working to the coordinator and its not working for bonded devices (that is having the old MAC in the table). As long the backup is in clear its still possible getting the network and link keys from it and that is the dangerous thing if your neighbour is also reading this forums :-) |
How so? A user deciding to post their network key online isn't a security breach. Nothing prevents one from posting their WiFi password, online banking credentials, copy of their passport, and full address online, other than common sense. Besides, an attacker interested in your specific network doesn't need access to a backup: the coordinator sends your network key in the clear every time you join a device without using an install code. Zigbee also has zero forward secrecy so an attacker can store your encrypted network traffic for months and then decrypt all past and future traffic when they learn your key. The protocol itself is as secure as a glass door.
Are you saying that you cannot change the IEEE address of a ZiGate coordinator at all?? Can you read the network key after writing it? What about setting the network key frame counter?
Agreed. The evil Zigbee neighbor will always win. |
|
when you do the restore, will the Mac address of the zigbee coordinator overwrite ? The reason is that if it is not done,
|
|
Yes. Make sure to write the original down, deCONZ doesn't work properly if the address prefix changes. |
|
that looks promising also for test purposes. I'll investigate it as it will allow to move test from one key to an other one with the same network |
|
Here is all of the info that can be contained in the network state: https://github.com/puddly/zigpy/blob/d9129dbea31ce90a8b242c18c2adb8533f7f67c9/tests/test_app_state.py#L217-L283 It's unfortunate that the ZiGate does not have any way to even specify the PAN ID during network formation (I think this is a NXP limitation?). I was hoping to try directly editing this data in the PDM (like in zigpy-znp), at least to test with, but the only command that seems like it might work needs to be compiled into the firmware:
My main goal is to migrate my production network over to the ZiGate to test. I'm able to find most of the missing information in the ZiGate flash dump to edit directly but I can't seem to find the frame counter (it's probably implemented as a boot/reset counter), or a single place to edit the PAN ID. |
|
@fairecasoimeme any idea? |
|
Hi, NXP give tools to backup/restore but only NXP to NXP. You can clone only if you write the old MAC address to the new device. |
|
@fairecasoimeme Thank you for the clarification. It looks like this is not possible at the moment. |
|
Originally posted by @pipiche38 in #117 (comment)
@fairecasoimeme could that be used for ZiGate network backup/restore via zigpy-cli utility as discussed in zigpy/zigpy-cli#2 ? |
Request for developers depending on zigpy-zigate to consider implementing Zigbee network backup and restore tools to zigpy-zigate (or zigpy-cli) supporting the "Open ZigBee Coordinator Backup Format" as it is already supported by both zigpy-znp and bellows radio libraries + planned to be supported by all radio libraries for zigpy as a unified standard specification for backups:
Update! The groundwork for these backup features are also indirectly being worked on by @puddly for zigpy-cli (zigpy CLI tool):
That, in turn, is dependent on all the work on the new radio API for zigpy:
which when merged in turn will require that new radio API for zigpy is then implemented into the zigpy-zigate radio library:
@pipiche38 @badzz @SylvainPer @jp-keros posting this request here to upstream zigpy-zigate but I believe that this feature should especially be of personal interest to you guys as if zigpy-zigate (or zigpy-cli) supported backing up and restoring to and from this "Open ZigBee Coordinator Backup Format" then it would allow your developers and users to simply migrate their Zigbee network from a ZiGate based Zigbee adapter to a Texas Instruments (or Silicon Labs Zigbee adapters and ConBee/RaspBee deCONZ adapters) as well as vice versa with reverse migrations.
I would think such a tool could make both testing and development easier as testers and developers will be able to compare the same Zigbee network by simply just temporarily migrating back and forth between different Zigbee stacks and hardware brands seamlessly using backup and restore methods to and from this unified open backup format standard for Zigbee networks without having to re-pair any Zigbee devices.
FYI, this is already a popular upgrade and downgrade method among end-users in the ZHA community as seen in examples here:
PS: Also keep in mind that this Open ZigBee Coordinator Backup Format is also already in use by the Zigbee2MQTT (Z2M) project.
The text was updated successfully, but these errors were encountered: