Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

HomeKit market held back by Apple's high encryption demands - report

Last updated

The slow trickle of HomeKit-compatible accessories is reportedly linked to a high level of encryption mandated by Apple, said to be generating unusuable levels of lag in prototype Bluetooth products.

HomeKit encryption standards require that accessories use 3,072-bit keys, and Curve25519, an elliptic curve for signatures and key exchange, according to Forbes. While this is manageable for devices communicating via Wi-Fi, ones using Bluetooth Low Energy (LE) are said to be running into processing barriers.

A spokesman for Elgato commented that one Bluetooth-based sensor it had in development was initially taking up to 40 seconds to determine if a door was open or closed. An anonymous source at another company meanwhile claimed that lag reached up to 7 minutes on a device.

The second person remarked that various makers of Bluetooth LE chips — like Marvell and Broadcom — are working to improve their designs to handle Apple's encryption demands. Apple itself is allegedly aware of the lag problem.

In the meantime, Elgato is coping via optimized firmware and extra onboard memory, and planning to sell its workarounds to other accessory makers. To date, the company is the only HomeKit accessory maker with Bluetooth products.

Other obstacles are allegedly hampering HomeKit development as well. Forbes' sources said that HomeKit code wasn't at a level for MFi (Made for iPhone/iPod/iPad) certification until two months ago, and Apple insists that every change to a product be resubmitted. The latter issue is relatively normal for the MFi program.

Apple's encryption demands are presumably a way of deflecting any worries about using HomeKit products. Whereas someone hacking into an iCloud account might gain access to photos, contacts, and important documents, hacking into a HomeKit network could open up real-world access to someone's home or cause havoc with lighting and appliances.



46 Comments

adrayven 12 Years · 460 comments

Good, I'd rather it be secure.. We've had far to many on the mindset of 'good enough' mentality. Which, currently, NO security encryption is NOT good enough.. even though the smart home OEM's seem to think it is..

jungmark 13 Years · 6927 comments

Market isn't held back by Apple's encryption requirements. It's held back by vendors not able to produce software/hardware to align with Apple's encryption requirements.

windlasher 12 Years · 12 comments

I'm kinda hoping that this isn't a critique of their security requirements. If I am going to load up my house with this stuff it will be nice to know that they have taken all precautions to ensure my security web cam isn't being broadcast to the world or that some idiot doesn't program my AC or Heating to MAX while I am out or worse yet, allow burglars to disable the system and open the doors. RIGHT ???

sflocal 16 Years · 6138 comments

As a developer, I can understand the hassles of what high-encryption can bring in terms of performance.  That being said, it's about damn time ANY company demands it.  How many countless stories have we read over the years with hackers cracking into home equipment and stalking the people?  The industry had all these years to do it, and always decided to ship their products with half-a$$ securities, no passwords, or whatever.  Shame on them, good on Apple.

As usual, Apple has to be the one to pave the way (or give a swift kick to their backside) to take product-security seriously.

Remember those scary incidents with wireless baby monitors being hacked and some nut job talking (cussing) to an infant or parent?  If this were an Apple product, I'd bet money the haters and trolls would be asking for Apple's head, but since there were mainly some cheap-asian junk.. no one cares.

Kudos for Apple.  Watch the Samsung-lovers claim that it was the industry evolving, and not because of Apple's demands.

fallenjt 13 Years · 4056 comments

Thanks Apple for the requirements. I don't want to go home with my smart-lock door wide open because of hackers.