If you were wondering why manufacturers seemed to be rather slow in launching HomeKit-compatible devices, it may all be down to Apple’s stringent security requirements. Forbes reports that manufacturers are finding it hard to incorporate the extremely secure encryption standards demanded by Apple in order to achieve MFi certification for their products.
Apple is requiring device makers using both WiFi and Bluetooth LE to use complicated encryption with 3072-bit keys, as well as the super secure Curve25519, which is an elliptic curve used for digital signatures and exchanging encrypted keys.
While mains-powered WiFi kit is coping, the processing workload in battery-powered Bluetooth LE devices is leading to extremely slow response times, say manufacturers …
Elgato said that its first attempt to implement the security standards in a Bluetooth-activated door lock resulted in the system taking a full 40 seconds just to determine whether the door was open or closed – an impossible timelag for a system designed to unlock automatically on approach.
Another manufacturer, which declined to be named, said that it saw processing times of up to seven minutes when using standard Bluetooth LE chips.
Elgato says that it solved the problem by tweaking the firmware and adding additional RAM, and that it will make its solution available to other manufacturers – at a price. Chipmakers Broadcom and Marvell are both said to be working on new Bluetooth LE chips able to handle the tougher processing requirements.
Security experts say that it is, however, good news. Bluetooth was originally designed with low-level security, and much concern has been expressed about the potential vulnerability of smart home devices if targeted by hackers. Diogo Monica, a security lead at Docker and an IEEE security expert, told Forbes that regular Bluetooth is “not secure” and it is in everyone’s interests that Apple is forcing the issue.
With the Internet of Things happening, I think Apple’s HomeKit standard enforcing manufacturers to adopt this standard is amazing for the final consumer.