Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security features #46

Open
RaHoni opened this issue Feb 14, 2020 · 1 comment · Fixed by #61
Open

Security features #46

RaHoni opened this issue Feb 14, 2020 · 1 comment · Fixed by #61
Labels
documentation Improvements or additions to documentation

Comments

@RaHoni
Copy link
Member

RaHoni commented Feb 14, 2020

Wir sollten einen Ende zu Ende Verschlüsselung für jedes Gerät (Anmeldung nicht Hardware abhängig)

  • Für Aktoren (alles nicht Endnutzer) Per-shared-Secrets jeder Befehl dahin/davon wird verschlüsselt
  • Für Endnutzer Session-Based-key erhält Zugriff Genehmigung durch Nutzername und Passwort (SSL und zusätzliche damit andere keinen Zugriff auf entsprechende Befehle haben.
@RaHoni RaHoni added the documentation Improvements or additions to documentation label Feb 14, 2020
@RaHoni RaHoni pinned this issue Feb 14, 2020
@maximiliani
Copy link
Member

maximiliani commented Feb 14, 2020
edited by RaHoni
Loading

translation of the former commit

### SECURITY FEATURES

We should use a end-to-end-encryption for each device. (The login isn't hardware dependent.)

  • For devices which are not the user (light bulbs, smart plugs, heatings ...) pre-shared-keys are used. So every command which is sent and received by this device is with a specific key for each device encrypted. This is good, because a hacker can't decrypt all the traffic by getting one key. He or she had to get all keys, which isn't easy.
  • For the UI's session-based-keys are necessary. The user has to use SSL and has to login in the app or on the Web-interface (username and password). So nobody else should control the smart home ...

@maximiliani maximiliani changed the title Sicherheit Security features Feb 14, 2020
@RaHoni RaHoni linked a pull request Nov 13, 2020 that will close this issue
Necessary #61
Merged
@RaHoni RaHoni mentioned this issue Jan 16, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Necessary PrivateHomeIoT/PrivateHome
2 participants
@maximiliani @RaHoni