At WWDC 2014, Apple introduced HomeKit, a framework for controlling smart devices in the home from iPhones and iPads. While many were excited about the possibilities, there have been few HomeKit enabled devices released, with several just recently coming to market. Why such a slow rollout?
It seems that there are high security requirements that Apple is imposing on HomeKit manufacturers. When first announced, these requirements may not have been as clear as they are today, leading those that wanted to create HomeKit-friendly devices having to wait for Apple to detail what they needed. In fact, according to Fortune, those requirements weren’t spelled out until early this year:
Until January—sometime after CES, the annual consumer electronics show—Ecobee didn’t know if HomeKit certification involved software, hardware, or both. This jibes with what others said during the show: Philips, maker of Hue connected light bulbs and a HomeKit partner, implied that its customers wouldn’t experience a disruption. Now that isn’t so clear.
What kind of requirements has Apple put on device makers? Forbes reports that devices, whether Wi-Fi or Bluetooth, have to use a complicated encryption algorithm with a 3072-bit key.
Such a key is theoretically secure beyond current computing means and would remain so until after 2030. Makers must also make use of Curve22519, a cryptographic elliptic curve that is used for digital signatures.
Both of these requirements have lead to current hardware poorly performing in certain communication scenarios. For instance, one anonymous source told Forbes that their device had a lag time of 7 minutes when communicating over Bluetooth LE.
This was due to the high computation requirements of the security measures. To get past this, some manufacturers, like Elgato, are including additional on-chip memory to better handle the heavy computations.
Having figured out a workaround, Elgato is thus one of only a handful of HomeKit device makers to even have approved products using Bluetooth LE. As more device makers can rework their hardware to meet the steep computational requirements, we’ll likely see more approved products hitting Apple Stores.
Why the focus on security? Simple. Apple knows that HomeKit devices are expected to be secure. These devices control temperature, lighting, and home security. Users expect these devices to be controllable only by them and not by any outside source.
It may seem like a delay or excessive measures on Apple’s part, but this is Apple doing what it does best: making sure devices are secure for its customers.