If your home's smart lock uses the Z-Wave protocol, hackers may be able to unlock it remotely by exploiting a new pairing flaw discovered by researchers at the UK firm Pen Test Partners.
The researchers found that Z-Wave, which is used by many smart home devices to communicate with one another, is vulnerable to an attack that forces the current secure pairing method, S2, to be downgraded to S0, an earlier version that contains known weaknesses.
S0 is flawed because when two devices are paired, it encrypts the key exchange using a hard-coded key '0000000000000000'. This would allow an attacker to capture traffic coming from the network, decrypt it, and then obtain the key.
S2 fixed this flaw by using the Diffie-Hellman algorithm to securely share the secret keys, but the downgrade caused by the flaw removes this protection.
Pen Test Partners demonstrated how to carry out the downgrade attack, called Z-Shave, in a video using a Conexis L1 Smart Door Lock from the company Yale. Following the downgrade, an attacker within 100 meters of the smart lock could steal its keys.
The company that created Z-Wave, Silicon Labs, responded to the firm's research by claiming that the downgrade to S0 is not a vulnerability but actually a feature designed to support backwards compatibility. An attacker would also have very limited time to capture the key.
Pen Test Partners researcher Ken Munro noted that the entire attack process could easily be automated to make things even simpler for an attacker.
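For defenders, the downgrade described above leaves a visible trace: a device that supports S2 but ended up paired at S0. The following Python is an added example, not code from Pen Test Partners or Silicon Labs; the inventory layout, field names and sample nodes are constructed, and only the command class IDs (0x98 for S0, 0x9F for S2) are real Z-Wave values.

```python
# Added example: flag Z-Wave nodes that support S2 but are paired at a weaker level.
# The inventory layout, field names and sample nodes are constructed for illustration;
# a real controller export needs its own parsing.

COMMAND_CLASS_SECURITY = 0x98    # S0
COMMAND_CLASS_SECURITY_2 = 0x9F  # S2

INVENTORY = [  # constructed sample data
    {"node_id": 2, "name": "front door lock", "command_classes": [0x62, 0x98, 0x9F], "granted": "S0"},
    {"node_id": 3, "name": "garage lock", "command_classes": [0x62, 0x98, 0x9F], "granted": "S2"},
    {"node_id": 4, "name": "old door sensor", "command_classes": [0x30, 0x98], "granted": "S0"},
    {"node_id": 5, "name": "wall plug", "command_classes": [0x25], "granted": "none"},
    {"node_id": 6, "name": "hall sensor", "command_classes": [0x30, 0x9F], "granted": "none"},
]


def classify(node):
    """Compare what a node supports with the security level it was paired at."""
    supported = set(node["command_classes"])
    granted = node["granted"]
    if granted not in ("S2", "S0", "none"):
        raise ValueError(f"node {node['node_id']}: unknown security level {granted!r}")
    if granted == "S2":
        return "ok"
    if COMMAND_CLASS_SECURITY_2 in supported:
        return "downgraded"   # S2-capable, but paired at S0 or with no security
    if granted == "S0":
        return "legacy-s0"    # device only offers S0, so S2 was never an option
    return "unsecured"        # no security class granted at all


def audit(inventory):
    """Map node_id -> status for every node in the inventory."""
    return {node["node_id"]: classify(node) for node in inventory}


def report(inventory):
    """Return one remediation line per node whose pairing is weaker than it supports."""
    return [
        f"node {n['node_id']} ({n['name']}): supports S2 but paired at {n['granted']}; "
        "exclude it and re-include with S2, then confirm the granted level"
        for n in inventory if classify(n) == "downgraded"
    ]


if __name__ == "__main__":
    print("\n".join(report(INVENTORY)))
```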
Securing smart homes and connected devices is no easy task, and this vulnerability highlights the fact that all manufacturers need to do more to protect their devices.