# View Source Grizzly.ZWave.CommandClasses.Security2 (grizzly v8.2.3)

Security 2 (S2) Command Class

### Definitions

**CKDF**- CMAC-based Key Derivation Function**MEI**- Mutual Entropy Input**SPAN**- Singlecast Pre-Agreed Nonce**MPAN**- Multicast Pre-Agreed Nonce**MGRP**- Multicast Group**SOS**- Singlecast Out-of-Sync**MOS**- Multicast Out-of-Sync

# Summary

## Functions

Mix and expand the sender and receiver entropy inputs into a nonce using CKDF-MEI.

Computes an ECDH public key for the given private key.

Encode the ECDH public key into a DSK string.

Computes the shared secret using the ECDH algorithm with the local node's private key and the remote node's public key (as reported by S2 Public Key Report).

Expands a network key into a CCM key for encryption and authorization, a personalization string, and an MPAN key using the CKDF-Expand algorithm as described in https://datatracker.ietf.org/doc/html/draft-moskowitz-hip-dex-02#section-6.3.

Expands a network key into a CCM key for encryption and authorization, a personalization string, and an MPAN key using the CKDF-Expand algorithm as described in https://datatracker.ietf.org/doc/html/draft-moskowitz-hip-dex-02#section-6.3.

Expands a temporary network key into a CCM key for encryption and authorization, a personalization string, and an MPAN key using the CKDF-Expand algorithm as described in https://datatracker.ietf.org/doc/html/draft-moskowitz-hip-dex-02#section-6.3.

# Types

`@type ecdh_profile() :: :curve_25519`

`@type kex_scheme() :: :kex_scheme_1`

# Functions

`@spec ckdf_mei_expand(<<_::128>>, <<_::128>>) :: <<_::256>>`

Mix and expand the sender and receiver entropy inputs into a nonce using CKDF-MEI.

Computes an ECDH public key for the given private key.

Encode the ECDH public key into a DSK string.

Expands a network key into a CCM key for encryption and authorization, a personalization string, and an MPAN key using the CKDF-Expand algorithm as described in https://datatracker.ietf.org/doc/html/draft-moskowitz-hip-dex-02#section-6.3.

Expands a temporary network key into a CCM key for encryption and authorization, a personalization string, and an MPAN key using the CKDF-Expand algorithm as described in https://datatracker.ietf.org/doc/html/draft-moskowitz-hip-dex-02#section-6.3.

# temp_key_extract(ecdh_shared_secret, sender_pubkey, receiver_pubkey)

View Source`@spec temp_key_extract(<<_::256>>, <<_::256>>, <<_::256>>) :: <<_::128>>`