It’s been more than a year since Apple announced HomeKit, its
system for connecting smart home devices through iOS. And as with
all things Apple, expectations are high. Maybe too high.
So far, only five companies have launched HomeKit-certified smart
home devices. What’s the hold up? Apple has thrown a plethora of
challenges at hardware makers, and some developers say one of the
biggest is complying with Apple’s strict security requirements on
Bluetooth low energy devices.
Apple allows for either WiFi or Bluetooth low energy (LE)-enabled
devices to get certified as a HomeKit accessory. Apple is
requiring device makers using both WiFi and Bluetooth LE to use
complicated encryption with 3072-bit keys, as well as the super
secure Curve25519, which is an elliptic curve used for digital
signatures and exchanging encrypted keys.
“These security protocols are bleeding edge,” said Diogo Monica, a
security lead at Docker and an IEEE security expert.