Sunday, October 30, 2016

HomeKit’s Stringent Security Requirements

Aaron Tilley (in 2015, via John Gruber):

Apple allows for either WiFi or Bluetooth low energy (LE)-enabled devices to get certified as a HomeKit accessory. Apple is requiring device makers using both WiFi and Bluetooth LE to use complicated encryption with 3072-bit keys, as well as the super secure Curve25519, which is an elliptic curve used for digital signatures and exchanging encrypted keys.


Another source who requested anonymity to protect his relationship with Apple said lag times reached 7 minutes when his company’s device tried to use the HomeKit protocol through Bluetooth LE. According to the source, chipmakers like Broadcom BRCM +% and Marvell are revamping their Bluetooth LE chips to better handle the level of encryption required by Apple.


All of this pain, however, could be a boon for the smart home industry, especially on the security side. The industry has had to contend with a reputation for lackluster security.

Comments RSS · Twitter

Leave a Comment