Dear Nuki Support!
After reading the GDPR rules, I opened the content of the website “The Nuki Encryption Concept”. I have some questions about this.
Is encryption done in software or hardware? Does the device have some kind of encryption chip? TPM or similar (Xiaomi SherLock) MJSC chip.
What is MJSC?
“The virtual keys can be given an expiration date or can be deleted at any time by the main owner. It also has built-in home custom security chip (MJSC) and each chip has a unique private key and certificate. The security chip also ensures there is a two-way encrypted communication only between the app and the gadget.”
If encryption is done in hardware, as in the case of Xiaomi, what happens if the chip is removed from the Nuki device? Will the secret code sent between the device and the phone be readable?
A different kind of question:
If I understand correctly, according to GDPR, no encryption data is stored by the service provider (in this case nuki). Is it possible to issue an encryption key upon request by the military, secret services, police? Or, since the server does not store such data, can the provider not transfer any data to these authorities?
The Nuki encryption is documented in the public BLE API. All encryption functions are open source functions and can be run in software or hardware accelerated. There is no specific „black box“ or similar inside the Smart Lock.
If you dismantle the Smart Lock and somehow manage to read the key, this does not help you much as you on the one hand have to be already inside the door in order to do so and on the other hand you only get per device and per user unique keys, which do not help you in trying to unlock another Nuki.
There is no specific „black box“ or similar inside the Smart Lock.
- For what purpose could the MJSC chip have been integrated into the device? Does it make sense? Is it possible that this is just an advertising trick?
we have created our own encryption protocol to use alongside normal Bluetooth communication.
- Therefore it does not contain a TPM or other encryption chip?
other hand you only get per device and per user unique keys, which do not help you in trying to unlock another Nuki.
- I would like to know a bit more about how exactly does the device work encrypt method. There are two theories about this in my mind:
1.) First step the lock generate a random long code which is decoded by the phone? A long, incomprehensible sequence of numbers is generated, from which the lock and the phone add, subtract, multiply and finally calculate the solution? Is this why hardware encryption is not needed? Because only the phone and the lock know the mathematical formula?
2.) Or after the “first” setup pairing process, does the system create a secret code into the phone and the smart lock? Then every time, when the phone sends the unlock command (the stored unlock code) to the lock, which is encrypted over the bluetooth or internet connection?
In the second case, what guarantees that the stored code can’t be get out from the device and the phone by some method?
The entire BLE communication including pairing and encryption is publicly documented here:
In a nutshell: The encryption is based on a unique shared secret per user per device which is both stored on the Smart Lock (or Opener etc.) and the paired smartphone (or bridge etc.). The shared secret is derived using the proven Diffie-Hellman key exchange. After pairing all communication is encrypted with XSalsa20-Poly1305 using the shared secret.