Entire communication between the lock and Android application or infrastructure software client is encrypted using 128 bit AES algorithm. Our proprietary implementation withstand DoS and Reply attacks.
At the core of the encryption module we deployed a hardware random number generator. In case of hardware random generator malfunction the encryption module falls back on the micro-controller based random generator.
Two pairs of keys are used for access, each key being 8 ASCII characters long. The Operational Pair used for normal access consists of one hardware key defined into the smartphone application and one user key, normally kept only in the user’s head. The same operational pair is provisioned into the lock.As a consequence the lock cannot be opened unless both keys are correctly used to encrypt the commands issued by the smartphone client.
The Master Pair is provisioned only in the lock and used only in emergency cases. It is of utmost importance to keep this pair safe.Operational pair could be changed from the smartphone client or from the infrastructure software client. For security reasons, changing the master pair is possible only via local serial connection directly into the lock’s processing module.