Smart Locks Bring the Need for Strong Encryption to Your Front Door
In an attempt to emphasize the importance of encryption and key management, many have made somewhat light-hearted comparisons between encryption keys and the keys to your home. It is, in many aspects, a fair comparison. However, smart locks bring this comparison into a more literal context than ever before. As the “smart home” concept continues to evolve, the door locks to many consumers' homes are joining lighting and air conditioners as part of the smart home internet of things.
A smart lock is essentially an electric locking mechanism with network connectivity. Smart locks allow users to lock or unlock their doors remotely, through a phone or mobile device using an electronic key. Additionally, if someone needs to access your home while you're away, smart locks offer users the ability to send virtual keys to trusted parties. The days of stashing keys under a doormat or hiding them in a potted plant may soon be gone.
While smart locks have been around for a while, consumers have not embraced the concept on the same scale as other “smart home” products, likely because of concerns over security and perhaps because there simply has not been enough of a benefit to justify the expenditure. However, this may be changing. Amazon recently announced their new Amazon Key in-home delivery service. Amazon Key allows online shoppers to have their packages delivered inside their home while they are away. The service, which requires ownership of a compatible smart lock, uses encryption to communicate with the customer’s smart lock and allows the delivery person to deliver the package inside.
Many other online retailers may soon be offering similar services, and depending on whether the convenience of in-home delivery service resonates with consumers, it’s entirely possible that smart lock technology sees a significant growth in sales in the coming years. With this in mind, we at Futurex wanted to take moment to discuss some of the security considerations and what to look for in smart lock encryption.
Most smart locks will utilize some sort of wireless protocol, likely Bluetooth or Wi-Fi. When a user attempts to unlock a door from their phone or mobile device, the electronic key will be broadcasted to the smart lock. When sensitive information, such as a smart lock key, is sent through a wireless protocol, it is vulnerable to interception to anyone in the vicinity with a Bluetooth or Wi-FI sniffing device. This is where encryption first comes into play. All smart locks applications should encrypt any key being broadcast to or from the lock, which prevents any would-be key sniffers from acquiring the plaintext key.
To take this a step further, it should behoove smart lock providers to use asymmetric encryption that uses a public key infrastructure (PKI). A PKI-enabled smart lock adds additional security in that it uses not only encryption, but it also authenticates the user. To accomplish this, PKI uses both public and private encryption keys. The private key is specific to an individual user and allows the smart lock to authenticate that user as a trusted party. The public key is used to encrypt and decrypt they electronic key itself. This dual factor encryption should be something that all consumers look for when purchasing smart locks. It ensures that even if the lock’s electronic key is stolen, anyone without the proper private key credentials would still be unable to access the smart lock.
For smart lock providers, secure key injection at the manufacturing level and high-volume key management throughout the lock’s lifecycle of day-to-day use are vastly important. Futurex offers the perfect key injection and management solutions needed for smart lock applications. Futurex’s new key management solution, the Key Management Enterprise Server (KMES) Series 3 can handle everything. At the manufacturing level, the KMES can generate and inject keys into the locks themselves. Furthermore, retailers that access their customers’ smart locks on a one-time basis will use temporary keys that expire after a single use. To accomplish this, these providers will need access to a key generation solution that can handle continuous, high-volume key production. The KMES can generate, distribute, and store millions of keys, which give it plenty of throughput capacity for being the Key Management centerpiece of a smart lock provider. Better yet, the KMES, along with all Futurex products, meets a host of rigorous compliance standards such as FIPS 140-2 Level 3 compliance and PCI HSM validation.
If you're interested in using Futurex for your encryption and key management needs, please reach out to one of our Solutions Architects.