Apple’s security requirements are reportedly holding up HomeKit
Smart home devices using Wi-Fi and Bluetooth LE must meet stringent security standards.
By Caitlin McGarry
MacworldJUL 23, 2015 2:10 am PDT
Apple launched HomeKit last year to unite your smart home accessories under one framework. But we’ve only seen a
handful of HomeKit-compatible devices on
store shelves, and now manufacturers are saying Apple’s tough security demands are causing the delay.
Devices that use both Wi-Fi and Bluetooth LE are suffering the most, according to
Forbes. Apple has stringent requirements for manufacturers aiming to get HomeKit-certified for Bluetooth LE and Wi-Fi accessories: those devices must use 3072-bit keys and Curve25519, the 128-bit elliptic curve, for encrypted key exchange and digital signatures. Those security standards will help HomeKit devices protect against outside attacks, but they’re also causing lags in devices that are supposed to respond quickly to user requests. For instance, a smart door lock that takes seven minutes to open using Apple’s encryption requirements, or even 40 seconds, can’t compete with a dumb door lock that opens almost instantly.
The problems are at the chip level. Broadcom and Marvell are working to make their Bluetooth LE chips beefy enough to withstand Apple’s encryption standards so the lag time isn’t so lengthy.
Why this matters: While accessory makers would love to get HomeKit-compatible products on the market right now, Apple’s requirements will force those products to adhere to strict security standards that are beneficial to buyers in the long run. Super secure connected home products will become the standard non-HomeKit devices will have to meet, too. Right now, the Internet of Things is under close scrutiny for opening the door to hackers who can then
hijack your smart home. If HomeKit can elevate those connected devices to a higher caliber of security, the entire industry wins.