Developing for the smart home is a challenge. That challenge is compounded when trying to provide secure communications between a home network and the Internet. The abundance of smartphone apps that allow remote access to home automation devices further intensifies these challenges especially given the attention it draws to hackers. Hackers have had particular interest in this segment of IoT, putting the security of consumer products in the spotlight. Barely a week goes by without a news report of yet another security breach at a major company or government agency.
The increase in security concerns stem from a growing number of threats on outdated systems and protocols that haven’t evolved to meet the sheer volume of connected devices. Platform security weaknesses can ruin consumer confidence in their smart home, and cause them to switch between device carriers or abandon their system altogether. Given the reach of the new IoT ecosystem, cybersecurity is growing and becoming more critical than ever, and companies from many industries are rushing to meet higher standards of security.
As homes become smarter—with security systems, thermostats, and lights that talk to one another and are all controlled with the touch of a finger—consumers demand that the highest level of home intelligence comes with the highest level of security. Device manufacturers need to be vigilant about consumer fears and consider the security of their own devices, but also about the security of all the devices in the ecosystem.
Fears of device hacking or security breaches in an ever-expanding internet of things (IoT) world and within a marketplace that does not have an industry standard for data transmission and instruction are not without merit. The IoT landscape, all of which is potentially hackable, includes a vast number of devices. All devices, whether professionally- or DIY-installed, communicate with each other and the internet, via one or more wireless protocols, such as Z-Wave; others include ZigBee, Bluetooth, and Wi-Fi. The protocols themselves generally feature built-in security of various levels. However, the methods that individual brands and smart home systems use to transmit data and instructions via these protocols, both inside and outside the home, can vary greatly in sophistication and unfortunately, in attention to security. At times, for manufacturers, the security process can feel overwhelming and they may be unsure where to begin.
The potential for IoT Smart Home Attacks
These types of hacks are easy to imagine. On a micro level, consumers worry about hackers getting ahold of their personal information or data about their home and using that data against them to break in, steal identities, or find out when no one is home. The fear is that hackers can break into your home by “virtually picking” your smart lock or access your smart devices and spy on your family. The far more likely and more serious attack is on the macro level. With the increased amount of sensors and data that hackers could potentially collect an attack could hit the cloud and access a large number of connected devices at once, like 1000 air conditioners for example, to affect not just one person but the entire power grid. In a recent and real-world example, and made residents think the city was under attack.
There are three layers of connected networks that are pertinent to overall security: the wide area network (WAN), i.e. the Internet; the local area network (LAN) or “home network”; and the personal area network (PAN), which consists of the end-node devices. Several issues can arise when designing genuinely secure solutions within these varied communication pathways. Security attack threats, cryptographic computation power, available network bandwidth, available code space, firewall policies, and efficient battery operation are only a few, and must all be taken into consideration.
Your lines of defense
Among the various smart home protocols, Z-Wave is the longest established, and as a result, has invested the most focus on cyber protection and recently introduced the new security framework, Z-Wave Security 2 (S2). Z-Wave has always used AES-128 levels of encryption.
Fun Fact: The U.S. government considers AES-128 safe enough for classified information up to the SECRET level. Combined with S2 authentication and nonce scrambling, there is no known method for overriding this protection—even using the power of a supercomputer.
However, prior to S2, Z-Wave was built on application layers, meaning that the decision was on the manufacturers to implement the security and not all manufacturers have the same level of expertise or appreciation for the importance of security to do it well. For example, if a manufacturer is building a lock, they may only be concerned with building a reputable lock or shrug at the idea that a hacker could “turn a light switch on and off.” However, if a nefarious hacker is able to control a light switch, he may also know if you are home or not. It matters.
S2 prevents a hacker’s ability to do this entirely by eliminating application layers and replacing them with an entire protocol. Instead of saying: “Send command to this and this,” it says: “Send secure.” Now, all transmissions are sent safely. Hackers cannot circumvent the security application layer. The heavy lifting is built directly into the protocol and manufacturers can rest easy, focus on building a reputable product, and not have to be security experts. Sigma Designs, the manufacturers of Z-Wave chips, has done it for them…with the help of a few really smart friends.
Insight from cyber security community
Who are these friends? To reach this level of security, Sigma Designs stepped outside the box. The company worked with a community that can often get a bad rap, the hacker community, to create the Fort Knox of smart home protocols. Sigma opened its code entirely to the hacker community for their thoughts, additions, and input. Cooperation led to a level of security that is bar none by targeting security measures in the S2 Framework that preempt the common hacking methods "man-in-the-middle" and “brute-force” attacks. Man-in-the-middle attacks are well-described by their name; the hacker tries to intercept communications between two points and alter them. Likewise, "brute-force" attacks are just as they sound; automated, exhaustive attempts to try every possible data combination to break into the system. Consistent, pervasive encryption is the only real deterrent against these breaches and hijacks. Soon, all smart home systems, regardless of brand or protocol, will be expected to include pre-emptive measures against these attacks.
While neither of these scenarios are common occurrences, their threat remains very real. Z-Wave has taken additional steps to prevent them by monitoring periodical heartbeat signals from all Z-Wave network nodes. This detects jamming as soon as the attack is initiated, and requires S2 encryption for all commands to the door lock. In this way, it is impossible for an intruder to capture the network key via logging. Z-Wave’s S2 key exchange uses Diffie-Hellman key exchange and out-of-band authentication.
The Diffie-Hellman key exchange method adds an additional step to the security process, by allowing two nodes to establish a shared secret key for communication over an insecure network, using a one-way function. An illustrative example of how this key exchange works would be two paint colors mixed together; it is nearly impossible to separate them. A similar mathematical one-way function would be raising large prime numbers to the power of large numbers. Given sufficiently large numbers, even today’s supercomputers will have a hard time reversing this operation.
In addition to the hacker community, Sigma worked hand-in-hand with security architecture experts to implement higher levels of security without negatively impacting other device features, like battery life, with the launch of S2. Features of the new security protocol include secure communication for both individual devices and cloud communications; a QR or PIN code requirement on the device itself when new local devices are added into the network so there's no window of unencrypted activity for hackers to exploit; and for cloud-accessible systems, the S2 technology routes all communications through a secure transport layer security (TLS) tunnel. All of this added security comes without diminished battery life capabilities.
The S2 framework is currently available for implementation and has been made mandatory on all devices submitted for Z-Wave certification. Existing devices will continue to be backwards compatible with the new S2 smart devices.
Rock-solid protection against most cyber intrusions will one day be a given; the market will demand it. In the meantime, Security 2 (S2) is the direct path for consumer IoT developers to ensure a secure device and make sure it interoperates with an equally secure ecosystem.
Johan Pedersen, Product Marketing Manager, Sigma Designs
Image Credit: Bergserg/ Shutterstock