HSM chip new device

Hello Dear Development Team!

I noticed that the Danalock smart lock uses an HSM chip solution to store the data needed to unlock it. Is it possible that the next Nuki version will include hardware authentication? I would be very happy if lock opening and locking data were also fully encrypted. Can it be done? Is it difficult to implement? Or an expensive solution?


The Nuki locks use protected, not accessible storage areas in the main MCU for security-relevant data. Furthermore, the Nuki security concept ensures that there is only per-device security information stored in each lock, i.e. there is no such thing as a master key that could get lost and compromise all locks at the same time.

Hello Jürgen,

In this case, I would like to ask for your help! I am currently using a tedee (Polish) smart lock which also does not contain an HSM chip, but works on a different principle than the Nuki. It uses a Microsoft Azure authentication file. Does Nuki work in a more complex and advanced way? In your opinion, which code has more security features? I’m sorry, but I don’t know exactly how these devices work. This is why I am asking for help. Does this mean that the HSM chip does not count, like Danalock? Won’t that determine whether the device is hackable or not?

I’m not in a position to answer your questions especially comparing Nuki with competing products.

We at Nuki have a very open and transparent security concept, which is open sourced, was audited by companies like AV-Test.org and has been part of vulnerability analysis from various companies. There is no known case of a Nuki being hacked in order to gain access to a protected property.

Yes! I fully understand, Dear Jürgen. I will try to ask the question in a different way. I understand that open source systems have a big advantage over closed ones. Is this really true? Is it easier to forge an authentication file created by Microsoft Azure than data stored in an open-system MCU?

Dear Jürgen! I think I’ve figured out why Nuki is safer than the other devices. :thinking: (I have thought a lot about this.)

What happens if a device is duplicated or cloned? (including serial number, software identifiers and everything else)

If your device is managed by an Apple Smart Hub (hereafter referred to as a server). The server cannot distinguish between the original and the cloned device. It sends both devices the data needed for unlocking.

With Nuki, this cannot happen because the device itself stores everything. It does not need a server. Right? The Wi-Fi enabled version just passes through the Nuki servers, but the actual data storage is done by the device itself. Am I right?

You cannot clone it, because the memory of the chip that contains this data is read locked.
Furthermore, even if someone were able to clone it, he would need physical access to the device and disassemble it, which is only possible if you are already inside the protected property.

I guess with Apple Smart Hub you mean HomeKit. This is not the same as remote access through Nuki servers. The security concept of HomeKit is slightly different and requires a hardware authentication chip, which every Smart Lock has.

Basically yes. For remote access there is no “digital key” stored on the Nuki servers, which only relay end-to-end encrypted packages from the mobile phone to the lock, which can’t be decrypted by someone in between.
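To make the relay model described in this reply concrete, here is an added illustration (not Nuki's code, and not a description of the Nuki protocol): each lock holds its own pairing key created at setup, the server only forwards opaque bytes, and the lock rejects anything that was tampered with, replayed, or sealed for a different device. The cipher is a stand-in built from the Python standard library (HMAC-SHA256 keystream plus an HMAC tag, encrypt-then-MAC); a real product would use a vetted AEAD. Names such as `Lock`, `Relay`, `seal` and `unseal` are assumptions for the example.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16
TAG_LEN = 32


class AuthError(Exception):
    """Packet failed authentication: tampered, wrong device key, or replayed."""


def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from one pairing secret.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a stand-in stream cipher (illustration only).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, packet: bytes) -> bytes:
    """Verify the tag (constant-time) before decrypting; raise on any mismatch."""
    if len(packet) < NONCE_LEN + TAG_LEN:
        raise AuthError("packet too short")
    nonce, ct, tag = packet[:NONCE_LEN], packet[NONCE_LEN:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise AuthError("bad tag")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))


class Lock:
    """A lock with its own pairing key generated at setup; there is no master key."""

    def __init__(self):
        self.key = os.urandom(32)   # per-device secret, held only by lock and paired phone
        self.seen_nonces = set()    # replay protection
        self.state = "locked"

    def receive(self, packet: bytes) -> str:
        nonce = packet[:NONCE_LEN]
        if nonce in self.seen_nonces:
            raise AuthError("replayed packet")
        command = unseal(self.key, packet)   # raises AuthError on tamper or wrong key
        self.seen_nonces.add(nonce)
        if command == b"UNLOCK":
            self.state = "unlocked"
        elif command == b"LOCK":
            self.state = "locked"
        return self.state


class Relay:
    """Models the server: it forwards and can inspect bytes, but holds no key."""

    def __init__(self):
        self.log = []

    def forward(self, packet: bytes, lock: Lock) -> str:
        self.log.append(packet)   # everything the relay sees is opaque ciphertext
        return lock.receive(packet)


def _rejected(action) -> bool:
    try:
        action()
        return False
    except AuthError:
        return True


def demo() -> dict:
    """Run the four checks and report which protections held (constructed scenario)."""
    lock_a, lock_b, relay = Lock(), Lock(), Relay()
    packet = seal(lock_a.key, b"UNLOCK")
    results = {"delivered": relay.forward(packet, lock_a) == "unlocked"}
    results["relay_blind"] = b"UNLOCK" not in relay.log[0]
    results["replay_rejected"] = _rejected(lambda: relay.forward(packet, lock_a))
    tampered = bytearray(seal(lock_a.key, b"LOCK"))
    tampered[NONCE_LEN] ^= 0x01   # flip one ciphertext bit in transit
    results["tamper_rejected"] = _rejected(lambda: relay.forward(bytes(tampered), lock_a))
    # A packet valid for lock A means nothing to lock B: keys are per device.
    results["cross_device_rejected"] = _rejected(lambda: relay.forward(seal(lock_a.key, b"UNLOCK"), lock_b))
    return results
```

Running `demo()` returns a dictionary in which every check is `True`: the command reached the paired lock, the relay's copy contains only ciphertext, and the replayed, tampered and cross-device packets were all refused before any decryption result was acted on.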

Yes, it is indeed only possible to copy the device in its entirety if the device has been physically handled by the person who has access to it (for example, the courier during delivery or the salesperson in the shop where the device is purchased).

But what can be done about this security problem? I have a very good idea!!! :sunglasses:

  • when the customer unpacks the device, the Nuki application generates an identification number and a QR code that the customer must save, print and store in the device box or store electronically on the computer. Once this is done, the device locks the ID. What do you think? Is this a good idea?
  1. As I wrote, the device is read protected. Even someone with physical access cannot “copy” it.
  2. Digital keys are created when the device is set up. You cannot steal something that does not exist.

Yes, this is understandable. I meant physical access before purchase. I know the chances of that happening are very small. After all, few people have a production line at home to make copies. It should be done on an industry level.