The cipher suite TLS_DHE_DSS_WITH_AES_256_CBC_SHA shall be used and the master key is the 256 bit AES symmetric key created by the DTLS handshake.
RCT Requirements:
each RCT shall hold the certificates for every CA which has signed a certificate for any SPT which can potentially connect to the RCT;
RCT shall provide mechanism to add new CA certificates to the system to allow SPT from a new manufacturer to be connected to the system, as well as a mechanism to delete CA certificates from the system. The details of the insertion/removal of the certificate is outside the scope of this document;
while the DTLS implementation in the RCT may support other cipher suites, only TLS_DHE_DSS_WITH_AES_256_CBC_SHA shall be used for generating the master key.
SPT Requirements:
the SPT shall hold the certificates of the CAs which have signed the certificates for the RCTs to which the SPT may potentially connect. It is not mandatory for the SPT to validate the authenticity of the RCT but it is recommended that it do so;
the Common Name of SPTs X.509 certificate shall be in the format “supplier identifiensupplier specific identifier". Registered Internet domain name of the supplier is used as the supplier ID. This shall uniquely identify the SPT;
the SPTs X.509 certificate shall be signed by a CA which is known to all the RCTs to which it could potentially connect;
the SPT shall only present the cipher suite TLS_DHE_DSS_WITH_AES_256_CBC_SHA to be used in the DTLS handshake.
On completion of the parameter negotiation, the DTLS session is terminated, contexts etc freed and all further communication takes place using the negotiated parameters.
7.2 Connection setup
In case of a reconnect, the ‘Master Set’ as negotiated during commissioning will be initially be used for encryption and authentication the messages between SPT and RCT. The first steps are to request new session parameters that are then used for further communication.
Typically connections are permanent 24/7, in case a connection breaks the SPT will attempt to reestablish the connection.
During the connection setup stage, the following parameters are set in the order per below:
Protocol version level mutually agreed by SPT and RCT;
Encryption selection;
Session key;
Hash;
Path supervision.
The message flow during connection setup (to request the session parameters) is as follows:
Table 48 - Message flow during connection setup
|
SPT |
Direction |
RCT |
Remarks |
|
|
|
|
The hash to start with is the Internet Checksum |
|
VERSION_REQ |
|
|
SPT protocol version |
|
|
|
VERSION_RESP |
RCT protocol version The highest protocol version supported by both SPT and RCT shall be used from now on. Only features supported by agreed protocol version shall be used. |
|
ENCRYPT_SELECT_REQ |
|
ENCRYPT_SELECT_RESP |
|
|
ENCRYPT_KEY_REQ |
|
|
Session key |
|
|
|
ENCRYPT_KEY_RESP |
|
|
HASH_SELECT_REQ |
|
|
|
|
|
|
HASH_SELECT_RESP |
|
|
PATH_SUPERVISION_REQ |
|
|
|
|
|
|
PATH_SUPERVISION_RESP |
|
|
|
|
|
|
|
|
|
|
Connection setup is now complete, IP address is allowed to change after this point. It may/will take some time before the next (poll) message is transmitted. |
|
POLL_MSG |
|
|
First poll send after the poll interval. |
|
|
* |
POLL_RESP |
|
For further details refer to the example in D.2.
Annex A
(normative)
Result codes
Table A.1 - Result codes
|
Bytes |
Response to |
Value |
|
RESP_ACKNOWLEDGE |
All |
0x00 |
|
RESP_NEGATIVE_ACKNOWLEDGE |
All |
0x01 |
|
RESP_EVENT_RCT_COULD_NOT_PROCESS_MESSAGE |
Event messages |
0x10 |
|
RESP_EVENT_PROTOCOL_ID_NOT_SUPPORTED |
Event messages |
0x11 |
|
RESP_EVENT_ACKNOWLEDGE_UNKNOWN_FIELD |
Event messages |
0x12 |
|
RESP_POLL_TOO_SLOW |
Path supervision request |
0x20 |
|
RESP_POLL_REESTABLISH_CONNECTION |
Poll messages |
0x21 |
|
RESP_CMD_NOT_SUPPORTED |
Commands |
0x30 |
|
RESP_DEVICE_ID_UNKNOWN |
Device ID request |
0x31 |
|
RESPJJNKNOWN |
All |
OxFF |
Annex В
(normative)
Protocol Identifiers
The following table summarizes the possible protocol Identifiers for application layer protocol carried by the protocol defined in this Technical Specification.
Each compatible implementation of this protocol shall support at least two types of messaging:
Transparent messages for serially connected AE and / or AS;
Sia DC-03 message structures for AS signals connected by pin inputs;
Sia DC-03 message structures for messages generated internally by SPT and / or RCT.
Table B.1 - Protocol identifiers
|
Protocol ID |
Protocol |
|
01 |
Sia DC-03 messages as described in SIA DC-03-1990.01(R2003.10), Chapter 5 and Annex A |
|
02 |
Ademco Contact ID |
|
03 |
Scancom FF |
|
04 |
VdS 2465 |
|
05 |
CEI ABI 79 5/6 |
|
06 |
SurGard |
|
07 |
F1COM |
|
08 |
SOS Access v4 |
|
|
|
|
254 |
Manufacturer specific |
|
255 |
Transparent, transmitting serially received content in the data field |
A manufacturer wishing to send messages that do not fit any of the listed application protocols shall use protocol identifier 254. Any currently unallocated protocol identifier may be allocated in a later revision of this Technical Specification.Annex C
(normative)
Shared secret
C.1 Formatting of the shared secret
When encoding and formatting the shared secret into a string format, readable for human beings, it shall be represented in ascii hexadecimal format, in Network byte order. E.g. the characters as used are {'0',..,'9'} + {'A',..,'F'}.
Formatting of the key value to improve the readability for humans shall use one of the explicitly named separator symbols or {space}. During formatting, the separator symbols can be freely used to improve readability (e.g. grouping in four char blocks, each block separated by hyphens from each other); during decoding, the occurrence of separator symbols inside of the key string is ignored completely.
NOTE 1 Lower case letters are treated identical to upper case letters, i.e. Lower/upper case transmission problems (like spelling the key string by voice over a telephone line) will lead to a valid decoding of the key.
NOTE 2 Each part of the shared secret has a checksum appended.
Example of encryption key (256-bit with CRC) as part of the shared secret:
363E-2B16-8DBB-5A95-7D5F-2BF4-25A4-5D7C-363E-2B16-8DBB-5A95-7D5F-2BF4-25A4-5D7C- 0689
Example of Connection Handle (with CRC) as part of the shared secret:
7D30-FA26-8238
C.2 Checksum for Shared Secret Formatting
CRC-16-CCITT Checksums are used to detect possible errors in shared secrets before they are used. This clause provides examples of the checksum procedure.
The CRC-16-CCITT calculation is defined by the following parameters:
Polynomial: 0x1021
Initial crc value: Oxffff
C.3 Example of Secret Encoding and Formatting
Example encoding and formatting
Step 1: Create random key
secret key к= 0x36 Зе 2b 16 8d bb 5a 95 7d 5f 2b f4 25 a4 5d 7c
24 e3 cl b9 2f 4b a0 13 ее 6a d9 b2 3f 91 f5 63
(in hex, to see byte order representation)
Step 2: Calculate CRC
CRC16(k) = 0x4A97 (hexadecimal)
Step 3: Present key in ascii hexadecimal format, (optionally) use separators to improve readability:
363E-2B16-8DBB-5A95-7D5F-2BF4-25A4-5D7C-24E3-C1B9-2F4B-A013-EE6A-D9B2-3F91-F563
Step 4: Append encoding of CRC16(k) to k, optionally using separators:
363E-2B16-8DBB-5A95-7D5F-2BF4-25A4-5D7C-24E3-C1B9-2F4B-A013-EE6A-D9B2-3F91-F563- 4A97Annex D
(informative)
Examples of messaging sequences
D.1 Commissioning
The following diagram demonstrates the commissioning messaging sequence.
Devices example:
|
- SPT Device ID |
88998899 |
|
- RCT Device ID |
66776677 |
Shared secret example:
|
- One-time-key |
12341111 |
|
- One-time-connection-handle |
56781111 |
The example Device IDs, keys and handles as shown above are illustrative only, and do not represent the actual format of these parameters.
|
SPT |
Dir |
RCT |
Example Message Data |
Remarks |
Conn Handle |
TX Seq |
' и |
Key |
Encrypt ’ |
Device ID SPT |
Device ID RCT |
|
|
|
|
|
The hash to start with is SHA-256 |
|
|
|
|
|
|
|
|
VERSION^ REQ |
-> |
|
First supported protocol version 1: 1 |
TX sequence number randomly chosen by SPT RX sequence number is not known yet |
56781111 |
42 |
0 |
12341111 |
AES-256 |
0 |
0 |
|
|
L |
VERSION RESP |
Result code: RESP-ACKNOWLEDGE Version: 1 |
|
56781111 |
17 |
43 |
12341111 |
AES-256 |
0 |
0 |
|
CONN-HANDLE- REQ |
|
|
|
|
56781111 |
43 |
18 |
12341111 |
AES-256 |
0 |
0 |
|
SPT |
Dir |
RCT |
Example Message Data |
Remarks |
Conn Handle : |
TX Seq |
RX Seq |
Key |
Encrypt |
Device ID SPT |
Device ID RCT |
|
|
|
CONN_HANDLE_ RESP |
Result code: RESP_ACKNOWLEDGE Connection Handle: 73603722 |
New connection handle generated by RCT, and stored to NVM |
56781111 |
18 |
44 |
12341111 |
AES-256 |
0 |
0 |
|
DEVICE_ID_ REQ |
-» |
|
Flags: Bit 0 - Device ID flag: Clear (Push) Bit 1 - Direction: Clear (SPT Device ID flag) Device ID: 88998899 |
RCT stores the received SPT Device ID in NVM |
73603722 |
44 |
19 |
12341111 |
AES-256 |
0 |
0 |
|
|
<r |
DEV!CE_ID_ RESP |
Result code: RESP.ACKNOWLEDGE Flags: Bit 0 - Device ID flag: Clear (Push) Bit 1 - Direction: Clear (SPT Device ID flag) Device ID: 88998899 |
|
73603722 |
19 |
45 |
12341111 |
AES-256 |
0 |
0 |
|
DEVICE_ID_ REQ |
|
|
Flags: Bit 0 - Device ID flag: Set (Request) Bit 1 - Direction: Set (RCT Device ID flag) Device ID: 0 |
Only from now on the SPT device ID is used in the hash calculation, before this was calculated as 0 |
73603722 |
45 |
20 |
12341111 |
AES-256 |
88998899 |
0 |
|
|
<- |
DEVICE_ID_ RESP |
Result code: RESP_ACKNOWLEDGE Flags: Bit 0 - Device ID flag: Set (Request) Bit 1 - Direction: Set (RCT Device ID flag) Device ID: 66776677 |
SPT stored the received RCT Device ID in NVM |
73603722 |
20 |
46 |
12341111 |
AES-256 |
88998899 |
0 |
|
SPT |
Dlf |
RCT |
Example Message Data |
Remarks |
Conn f TX ' RX Handle л Seq , Seq |
Key |
Encrypt ! |
• Device ID SPT |
Device ID RCT |
||||||
|
ENCRYPT.SELECT. A REQ : |
|
Flags: Bit 0: Set (Master Encryption Selection) Encryption 1: AES-128 Encryption 2: AES-256 |
Only from now on the RCT device ID is used in the hash calculation, before this was calculated as 0. Now the Master Encryption parameters will be exchanged. |
73603722 |
46 |
21 |
12341111 |
AES-256 |
88998899 |
66776677 |
|||||
|
|
4- |
ENCRYPT.SELECT. RESP |
Result code: RESP.ACKNOWLEDGE Flags: 0 Encryption: AES-128 |
RCT chooses AES-128. This new setting does not become active before the new key is exchanged. SPT and RCT store Master Encryption Selection in NVM |
73603722 |
21 |
47 |
12341111 |
AES-256 |
88998899 |
66776677 |
||||
|
ENCRYPT.KEY. REQ |
|
|
Flags: Bit 0 - Direction: Clear (SPT Key Request) Bit 1 - Set (Master Key) Encryption key: 0 |
|
73603722 |
47 |
22 |
12341111 |
AES-256 |
88998899 |
66776677 |
||||
|
|
|
ENCRYPT.KEY. RESP |
Result code: RESP.ACKNOWLEDGE Flags: Bit 0 - Direction: Clear (SPT Key Request) Bit 1 - Set (Master Key) Encryption key; 12342222 |
SPT and RCT store Master Encryption Key in NVM |
73603722 |
22 |
48 |
12341111 |
AES-256 |
88998899 |
66776677 |
||||
|
|
|
|
|
Key update complete, proceed using new encryption key and method |
|
|
|
|
|
|
|
||||
|
DTLS.COMPLETE. REQ |
-> |
|
|
Only when using X.509/DTLS |
73603722 |
48 |
23 |
12342222 |
AES-128 |
88998899 |
66776677 |
||||
|
|
<r |
DTLS.COMPLETE. RESP |
Result code: RESP.ACKNOWLEDGE |
|
73603722 |
23 |
49 |
12342222 |
AES-128 |
88998899 |
66776677 |
||||
This sequence is followed by a Connection Setup.D.2 Connection setup
The following diagram demonstrates the messaging sequence during connection setup.
Devices example:
R
- SPT Device ID
88998899
66776677
CT Device ID|
SPT |
Dir |
RCT |
Example Message Data |
Remarks |
Conn Handle |
TX 1 RX Seq | Seq |
Key |
Encrypt |
Device ID SPT |
Device ID RCT |
|
|
|
|
|
|
The hash to start with is SHA-256 |
|
|
|
|
|
|
|
|
VERSION, REQ |
-> |
|
First supported protocol version 1: 1 |
TX and RX sequence numbers follow commissioning example here. In case of re-connect: - TX seq: random - RX seq: unknown - Encryption as per Master set from NVM |
73603722 |
49 |
24 |
12342222 |
AES-128 |
88998899 |
66776677 |
|
|
|
VERSION, RESP |
Result code: RESP_ACKNOWLEDGE Version: 1 |
|
73603722 |
24 |
50 |
12342222 |
AES-128 |
88998899 |
66776677 |
|
ENCRYPT_SELECT_ REQ |
-> |
|
Flags: Bit 0: Clear (Session Encryption Selection) Encryption 1: AES-128 Encryption 2: AES-256 |
Exchange of session encryption parameters |
73603722 |
50 |
25 |
12342222 |
AES-128 |
88998899 |
66776677 |
|
j |
ENCRYPT.SELECT, RESP |
Result code: RESP_ACKNOWLEDGE Flags: 0 Encryption: AES-128 |
Not stored to NVM |
73603722 |
25 |
51 |
12342222 |
AES-128 |
88998899 |
66776677 |
|
