Your browser is not supported. Please update it.

8 January 2016

Z-Wave gets security upgrades for smart home  

Sigma Designs, the company behind wireless mesh network Z-Wave, has announced a new set of security improvements that claim to be “virtually unhackable”.

The basis for these potentially famous last words is a new software developers’ kit (v6.7) and a Security Framework for the Z-Wave stack (ITU G.9959), which Sigma says will “provide the most advanced security for smart home devices and controllers, gateways and hubs in the market today”. The SDK beta will be available in February.

“With leading market share in smart security panels and over 50m devices in the IoT market today, we felt we had a responsibility to put extensive resources into arming Z-Wave devices with the most secure communication framework possible,” said Raoul Wijgergangs, VP of the Z-Wave IoT business unit at Sigma. “The need for technology providers to take a leadership role in IoT security exists in a big way.”

It’s worth noting that Z-Wave still trails behind rival mesh WPAN ZigBee in terms of shipments, but both technologies lack much in the way of consumer familiarity with the brand names. As smart home technology becomes more popular, the mesh networking old guard will need to build out a foothold to fight off the emergence of Bluetooth’s mesh networking implementation this year.

The new security framework builds on AES-128 encryption, with key exchange managed by ECDH (Elliptic Curve Diffie-Hellman) techniques, and all Z-Wave IP traffic tunneled through a TLS tunnel to eliminate cloud vulnerabilities and mitigate man-in-the-middle attacks, with Z-Wave now also supporting authenticated pairing and deployment.