I'm currently developing a wireless connectivity between two embedded devices over 802.15.4 RF protocol. One of the devices is the coordinator(server), and the other is a node(client)
I want to make sure that only specific vendor devices will be able to communicate with the coordinator.
What's the best approach to authenticate a device to the coordinator, so other devices couldn't try to cheat. the messages are over RF so anyone can listen to them with a sniffer.
You could filter by MAC address, since all devices from a single manufacturer will start with the same three-byte OUI.
It would be better to look into the security options of ZigBee though. You could configure all of the devices with a secret, pre-shared key, and only devices with that key will be able to join your network.
Or, look at the Smart Energy model, where each device has a unique pre-shared key. The coordinator is given a MAC address and an install code out of band (some method other than over the ZigBee network) and will then allow that single device to join the network.
What level of security are you looking for? Something to prevent accidental interference by non-participating devices, or something to protect sensitive information from prying eyes? If the latter it's best not to try rolling your own solution as it's very hard to get absolute security right. As mentioned in the last answer: a ZigBee stack would provide a comprehensive solution to the problem, but the cost is added complexity and higher spec hardware (you'd need at least 128kB flash, and 4-8kB RAM to run all classes of ZigBee device comfortably).
