I need to know which security keys the Z/IP Gateway are using in my Z-Wave Network. With these keys I can decrypt a Zniffer trace. Where are they found?
The Security Keys are found in the log of the Z/IP Gateway.
Run the command below on the target, to examine the logfile in runtime.
$ sudo tail -f /tmp/zipgateway.log
Then start the gateway service, as the keys are displayed in the beginning of the log file:
$ sudo /etc/init.d/zipgateway start
If the gateway is already running, you can just browse to the logfile and open the existing file:
$ nano /tmp/zipgateway.log
An example of a logfile is shown here:
The network keys are then listed as:
These keys can then be copied into the Zniffer to decrypt the trace.
Finally, it is required that the Zniffer knows the S2 singlecast nonce, which are shared during inclusion. If the trace does not include the frames from the inclusion, it is necessary to force a resynchronization between the nodes.