Apple's HomeKit supports Bluetooth but isn't an open spec. Here's the open source code to make it work
[Originally published on my blog http://blog.xojs.org/post/125719728246/mfi-and-homekit but might be of interest here]
Amazon dropped off my Elgato Eve door sensor on Friday. I don’t really need a door sensor, at least not to sense the door, but I did want a Bluetooth HomeKit device to take apart. This one is the cheapest I could find.
The device itself is unsurprising: a Bluetooth CPU/Radio combo, reset switch, magnetic sensor, LED, power management, and the MFi chip. The MFi chip has been the subject of some speculation for HomeKit, with its supposed late addition to the spec cited as the reason for product delays. But from what I can see (and based on its part number), this chip is just the same Apple MFi chip found in iPhone cables and adaptors. It’s not HomeKit specific. It certainly isn’t responsible for securing the communication between the device and iPhone; it just does what MFi chips always do: secure the relationship between the manufacturer and Apple.
For more information on these chips, DuckDuckGo is your friend; just search for “ipod authentication coprocessor 2.0c”.
A quick note: Because Hackaday doesn't host code, you will see more updates on the relevant GitHub page for this project. You can find it here:
The HomeKit protocol uses some pretty heavy-duty math to secure itself. This is especially true with the choice of SRP for pairing an iOS device to a HomeKit device. But while these choices are not the familiar RSA, SHA1 or AES protocols, they are well-defined standards already adopted in new cryptographic products. Unfortunately this doesn't make them the speediest choice for a little 16MHz Cortex-M0.
HomeKit has two major security processes. The first is Pairing, when a trusted relationship is established between an iOS device and a HomeKit device. The second is Verifying, which takes place each time an iOS device reconnects to a HomeKit device (and so happens often).
Benchmarking these on the nRF51 we see the following:
While pairing is extremely slow, this is less important because it only happens once - we can tolerate this. Verifying is thankfully quick.
Out of interest, I've also benchmarked on the new nRF52 processor. This is a Cortex-M4 device running at 64MHz; quite a bit faster. Here we see the following:
Quite a nice improvement.
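The SRP pairing exchange mentioned above, as an added example (not code from this project or from Apple's specification): one SRP-6a run following RFC 5054 with both sides in a single function, marking the big-number exponentiations the accessory's small CPU has to carry out. The modulus, generator, user name and setup code are assumptions chosen for the demo, and the accessory is assumed to play the SRP server role.

```python
import hashlib
import secrets

# Toy parameters (assumption): 2**521 - 1 is a Mersenne prime that can be written
# inline. It is not a standard SRP group; real groups are much larger safe primes.
N = 2**521 - 1
G = 3
NLEN = (N.bit_length() + 7) // 8

def H(*parts: bytes) -> int:
    """SHA-512 over the concatenated parts, returned as an integer."""
    return int.from_bytes(hashlib.sha512(b"".join(parts)).digest(), "big")

def pad(n: int) -> bytes:
    """Left-pad n to the byte length of N, as SRP-6a requires before hashing."""
    return n.to_bytes(NLEN, "big")

K = H(pad(N), pad(G))  # SRP-6a multiplier k = H(N | PAD(g))

def private_x(salt: bytes, user: bytes, code: bytes) -> int:
    """x = H(salt | H(user ":" code)), the secret derived from the setup code."""
    return H(salt, hashlib.sha512(user + b":" + code).digest())

def make_verifier(user: bytes, code: bytes):
    """Accessory side, done once: keep salt and v = g^x, never the code itself."""
    salt = secrets.token_bytes(16)
    return salt, pow(G, private_x(salt, user, code), N)

def pair(user: bytes, code_on_phone: bytes, salt: bytes, v: int):
    """Run one exchange and return (phone_key, accessory_key)."""
    a = secrets.randbits(256)
    A = pow(G, a, N)                       # phone -> accessory
    b = secrets.randbits(256)
    B = (K * v + pow(G, b, N)) % N         # accessory -> phone (1st modexp)
    if A % N == 0 or B % N == 0:           # each side must reject these values
        raise ValueError("illegal SRP public value")
    u = H(pad(A), pad(B))
    # Phone: S = (B - k*g^x)^(a + u*x)
    x = private_x(salt, user, code_on_phone)
    s_phone = pow((B - K * pow(G, x, N)) % N, a + u * x, N)
    # Accessory: S = (A * v^u)^b (2nd and 3rd modexp on the small CPU)
    s_acc = pow(A * pow(v, u, N) % N, b, N)
    return hashlib.sha512(pad(s_phone)).digest(), hashlib.sha512(pad(s_acc)).digest()

if __name__ == "__main__":
    salt, v = make_verifier(b"demo-user", b"111-22-333")   # constructed values
    phone_key, acc_key = pair(b"demo-user", b"111-22-333", salt, v)
    print("keys match:", phone_key == acc_key)
```

The two keys agree only when the phone used the same setup code the verifier was built from; a real implementation then exchanges proofs of the key rather than comparing it directly.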