Z-Wave S2 Security Work

Still in the “Alpha testing of S2 logic with ZLink ZL-PA-100 Plug Switch” stage.

One item that is slowing me down quite a bit is that the powers that be refuse to publish test vectors for the custom functions (CKDF-TempExpand and CKDF-TempExtract) of the ZWave S2 spec. This means I’m stuck testing everything at once without a way to narrow down problems. It would be great to have a second set of eyes to compare my code to what’s in the spec to look for problems.

I’m also working on rebasing my changes against Chris’ latest changes and migrating to the new OH build system. Last time I tried to move the new build system it didn’t go well, but it’s probably time I try it again.

I’m interested in giving you a hand.

I have OpenHAB 2.5.0M2 installed (Windows 10), with Zooz Z-Wave stick (Zooz Z-Wave Plus S2 USB Stick ZST10).

Also have 1 S2 enabled device (HomeSeer Z-Wave Plus Floodlight Sensor [HS-FLS199+])

Forgive me, but I haven’t sniffed any network traffic to see what (if anything) appears during pairing, but I was wondering if we could pair the device, but not “enable” it (without adding the DSK [Device Specific Key] via the Configuration of Things UI)?

That way, we would not have to intercept the pairing with a UI injection. Presumably (in my mind), if the DSK is needed to complete the pairing, a SUBSEQUENT pairing could look to see if we have that UID and thingTypeUID (for the device being paired), that already has the DSK key recorded (thereby allowing the pairing to complete).

Granted that would make pairing a multi-step process, but it would eliminate having to hack the pairing process and/or UI.

Can you point me to the S2 spec you’re basing your code on?


Looks good. My branch is still based on 2.4, but I should be able to rebase against 2.5 soon, now that I have a 2.5 eclipse dev environment working again

If I understand correctly, you are suggesting a way to avoid the user from having to enter a portion of the DSK. Couple of thoughts:

  1. The DSK key is a unique key that is different for every device (even of devices of the same model. It’s printed on the device)
  2. During pairing, the device doesn’t transmit the full key, only part of it. The user HAS to enter the rest of the key somehow (GUI, config file, somewhere)
  3. @chris wants the OH implementation to be spec compliant

It’s here. IIRC, you just have to create a free account to download the docs


Im new here and new to Zwave … Im already read a lot and try to use search function but didn’t find anything usefull… I have Zwave Plus devices(Fibaro Walli series) and some of them are installed on places with hard/impossible access so pressing button to add them into network is not possible… They all have SmartStart function and I have DSK keys for them and I can also turn them off/on with fuse so this procedure is possible in case that something go wrong with zwave network or openhab settings…

Does OpenHab already support S2 Security? As I know SmartStart is part of it. If not what is state of updated binding which will support S2 security?
If is supported where in openhab I can write that DSK key to add device?
I don’t know how exactly binding work on openhab but probably UI inserting DSK can be done by inserting DSK into database before we start initialization of device. So we write/scan DSK in Open hab and then restart zwave device…
Thanks for answers :slight_smile:

No - it supports S0 security.

ZWave have made things very problematic here now. It is no longer allowed to interface to the serial API, so certifying products in the way the binding currently works is not possible. This requires some significant rewrite of the binding.

Note that S0 should work with ALL devices - even those that state that they only support S2 since it is a requirement for S2 to be backward compatible with S0.

Hi @chris thanks for your answers and time for developing and improving this binding. How I can add some device to openhab if I don’t have physical access to it? SmartStart option solve that problem… Can I add secondary controller into network which support SmarStart and then add device into network with SmartStart function? Will that option work? Something like connecting device to secondary controller(Windows PC) with S2 security using SmartStart and then when this new device is in network downgrade device S2 security to S0. Is this possible?
I can add device into network now and install it but later if something happen to network I can’t access to this device to press buton to re-add it… It will be installed behind the closet in which will be installed refrigerator and taking everything apart will be time consuming task… :slight_smile:

Update on the S2 code I’ve been working on for a while now.

I wrote the majority of the code to handle the S2 negotiation in software in 2018/2019, but there are a few major barriers to moving forward with the software solution:

  • The powers that be technically open sourced the spec which theoretically include details of how to execute S2. BUT, they refuse to publish test vectors (you need an account to see the thread. There’s not much to see other than them saying they won’t do it). Which is clear signal that they don’t actually want anyone to implement it.

  • Parts of the spec are ambiguous when it comes to implementing the crypto, so it’s a slow, trial and error process getting this to work without test vectors or a reference implementation.

The alternate is to find a stick that implements most of the S2 stuff in hardware (handshake requires user input, so there would still be some software to write). Aeotec to the rescue!! (or so I thought)

  • The new Aeotec Z-Stick Gen5+ claims “native S2 support”. I ordered a stick as soon as they announced it. First one got lost in the mail. They sent me another which arrived yesterday.

  • While I was waiting, I asked Aeotec for the actual commands to use to invoke the native S2 operations and how to pass the user input data.

  • The support guy reached out to engineering but never got a clear answer

  • Then told me it needs to be done in software. This seems quite contradictory, but I will say the support guy I’m working with seems to be doing his best given that he hasn’t gotten a clear answer from the engineering dept.

  • If anyone has some pull or clout with Aeotec, please help as this is our best bet. I’m not sure why it would be marketed as having native support if doesn’t. I’m convinced it does, although maybe that’s just wishful thinking.

  • I’m getting my OH3 development env setup and I’ll play around with the new stick a little this weekend to see if I can find anything that way

The S2 keys are in the controller firmware and most recent firmwares have the capability. A simple uzb3 does and you can set the key from the standard programmer app.

You can test using PC Controller.

your test devices will nee 6.71 or greater

Hey Dave,
Thanks for the update. I’m a bit surprised that Silabs won’t publish test vectors. In theory this is meant to be opened up - although they also state that if a system implements its own S2 implementation then certification will be more difficult due to additional testing.

I assume this is your ticket, so only you can view this.

As far as I know (from my discussions with Silabs) S2 is not implemented in the stick. I made this recommendation about a year ago during some discussions with Silabs and one of my customers, but it was clear that they were on a certain path, and changing that would be difficult. This is fair enough, but unfortunate as it still requires ZIP for an easy route through certification.

I have contacts at Aeon, so I’ll ask, but I very much doubt that it will be implemented in their stick firmware. I’m pretty sure they are just using the standard firmware.

Just looked in the Z/IP source for S2 tests. This is latest distributed release.

S0 tests but can’t see any S2 tests.

S2 works from Z/IP but it is interesting that there are no tests in the source distribution.

1 Like

Ah ok, so I guess the ticket is private. My first request was for test vectors.
They replied: " This is not something we have"
I pushed a little further and then got this response:
“Since we have already implemented S2 in our solution, we do not provide any kind of test vectors as our customers would not have to implement S2 themself.”

Ah, nteresting. I download the source and found some S2 stuff under /usr/local/libs2/inclusion. I see what appears to be test cases (6000 lines long :thinking: ) and the implementation itself. That should give me what I need. Well, that and a lot of time, lol.

One thing that’s odd. I download zipgateway-2.81.03-Source.tar.bz2 from here which has files from April 2019. I see your screenshot had version 7.15.02. Did they really bump the versions that quickly in less than 2 years or are we looking at two completely different things?

Lots of small changes. The early version had distributed encryption even if you intended to run all locally. Each release makes small improvements and wraps all the complexity. I think a lot of the objections to it are because it has forced a vast change from the old direct to serial but that interface is not that easy and the way they have wrapped that and managed the queues is very effective. The latest release brought in 16 bit node id rather than 8 bit support of the past and as all is designed for backward compatibility must have the code to check what the z-wave firmware supports .

When I first installed I thought it was underwhelming but now I can see it has a lot of advantages and it performs very well. It also has taken away the need to write a lot of code like S2 handling and 6000 lines of test cases.

Hi. I am going to user roller shutter from Fibaro and hide in flush-mounted box so I will not have access to it. Seems like S2 and SmartStart is something that can save me in future.

I just wanted to ask how things are going on? I will scan and write down all codes from devices but so if you can confirm it will work in future for sure - I am fine with that!


You don’t need S2 just because you’re going to hide the device in a flush box. Presumably there will still be buttons available so you can control the device so normally these can be used.

I don’t think S2 or SmartStart really helps and in general I would advise not to bury any electronic device into a wall where it can’t be accessed - things can always fail :wink:

To answer your question about S2 though - I don’t think there is any real progress on this.

1 Like

So if the S2 handling logic went away, where did it go?
Probably a dumb question… I know a lot about java and a lot about crypto… but not much about the nuts and bolts of zwave :slight_smile:

@chris resurrecting my past work, which git branch should I put my work on top of to be in line with the current OH 3.x?
Thinking main as it’s the most current, but I figured I would check to be sure

Yep - main is the right one :+1:

Heya folks, hope you don’t mind a small poke - any success with S2 impl ? no worries if not :slight_smile:

I’ve resumed my work on this. Was waiting for OH to reach java 17 as it has some the crypto I need. Working out the bugs in the S2 pairing process.