The established brands Philips Hue and Osram Lightify just got a new contender for a simple and cheap system: IKEA TRÅDFRI. Our security researchers put the smart light bulbs and the gateway to the test in our IoT-Labs and answered the question: Can cheap hardware from the Swedish furniture giant be secure?
The IKEA TRÅDFRI ecosystem does not allow remote control at the time of testing, but this feature may be delivered later by a firmware update. The gateway checks for firmware updates at every start-up and at periodic intervals. It requests an unsecured JSON file which contains a list of all available updates for all devices of the TRÅDFRI system.
Delivering the file unencrypted over HTTP opens the possibility of modifying the file’s content and sending it to the gateway. However, there is a secure HTTPS endpoint available for this URL, so we hope that IKEA will upgrade to a secure request in a later firmware version. The file names of the available firmware binaries suggest that they are signed; however, we did not verify this as part of this quick check. The files themselves do not appear to be encrypted, though.
At the moment, eleven different firmware updates are offered for the different devices, such as bulbs and the remote control, as well as for the gateway itself.
IKEA provides an Android and iOS app to control the lighting system. To pair the app with the gateway, the user needs to scan the QR code on the bottom of the gateway. The code contains the “Serial Number” (the MAC address) and the “Security Code” of the device. The “Security Code” is used to establish a secure connection between the gateway and the smartphone. The communication relies on UDP and uses DTLS (TLS for UDP) for encryption. Among other things, the use of DTLS protects the communication against replay attacks. The pre-shared key used for the handshake is the “Security Code” printed on the bottom of the device.
Further research showed that the IKEA TRÅDFRI system uses CoAP (Constrained Application Protocol), which provides a REST-like interface (like a traditional API). There are already several open source projects (e.g. on GitHub: https://github.com/stenehall/homebridge-ikea, https://github.com/hardillb/TRADFRI2MQTT) using the CoAP framework to build their own clients for controlling the smart home lighting system. All these tools have in common that they need the pre-shared key for communication.
IKEA really did its job well when developing the Android application and implementing the communication protocol with the gateway. First off, many parts of the source code were obfuscated at compile time. Among all the other apps tested on this blog, this is the exception rather than the rule. Nonetheless, we were able to extract information about the cryptographic behaviour, although the time spent on this aspect increased significantly due to the obfuscation.
You may already be familiar with the procedure for registering the gateway in your IKEA TRÅDFRI app. The QR code scanned from the bottom of the gateway contains the crucial information for secure communication between the two devices. Therefore, the app stores this information in a secure place on your Android smartphone and additionally encrypts it. The latter is an additional security feature, especially when your phone gets rooted (by the user or by malware) and all other apps may be able to read the application’s stored data. The encryption modes used are more or less “state of the art” and utilize the latest Android security features (when available). Using a smartphone with at least Android 4.3 (89.6% of all active phones in April 2017, https://developer.android.com/about/dashboards/index.html) grants the highest security level. On these phones the application loads the secure Android “Key Store”, generates a secure key pair and stores it in the key store. From then on, all sensitive information is saved encrypted with the public key.
When you are using a phone that runs a version older than Android 4.3 (which is fairly outdated and a massive security hole in itself), the key store API is not available. IKEA’s fallback solution encrypts the sensitive information with the secure AES algorithm. The encryption key is retrieved from a file packaged in the APK file, and this may be one of the few flaws the programmers made: the file is named “key_file.txt” and the chosen key is as simple as “Bar12345Bar12345”. This makes it relatively easy to decrypt the sensitive data in case the smartphone is rooted.
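To illustrate the key store approach described above, here is an added example (our own illustration, not IKEA’s code) of protecting the gateway’s “Security Code” with an Android KeyStore key pair on API level 18 (Android 4.3) and up. The class name, key alias and the decision to refuse rather than fall back to a key shipped inside the APK are assumptions of this example.

```java
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;

/** Hypothetical helper: wraps the DTLS pre-shared key with a device-bound key pair. */
public final class PskVault {
    private static final String KEYSTORE = "AndroidKeyStore";
    private static final String ALIAS = "tradfri_psk_wrap";      // assumed alias
    private static final String TRANSFORM = "RSA/ECB/PKCS1Padding";

    /** Encrypts the Security Code with the KeyStore public key. */
    public static byte[] seal(Context ctx, String securityCode) throws Exception {
        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.JELLY_BEAN_MR2) {
            // Below 4.3 there is no KeyStore API. A fixed AES key packaged in the APK
            // is readable by anyone holding the APK, so it only obscures the PSK.
            throw new IllegalStateException("Android KeyStore unavailable on this device");
        }
        KeyStore ks = KeyStore.getInstance(KEYSTORE);
        ks.load(null);
        if (!ks.containsAlias(ALIAS)) {
            Calendar start = Calendar.getInstance();
            Calendar end = Calendar.getInstance();
            end.add(Calendar.YEAR, 10);
            KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(ctx)
                    .setAlias(ALIAS)
                    .setSubject(new X500Principal("CN=" + ALIAS))
                    .setSerialNumber(BigInteger.ONE)
                    .setStartDate(start.getTime())
                    .setEndDate(end.getTime())
                    .build();
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", KEYSTORE);
            kpg.initialize(spec);          // key material is generated inside the keystore
            kpg.generateKeyPair();
        }
        Cipher cipher = Cipher.getInstance(TRANSFORM);
        cipher.init(Cipher.ENCRYPT_MODE, ks.getCertificate(ALIAS).getPublicKey());
        return cipher.doFinal(securityCode.getBytes(StandardCharsets.UTF_8));
    }

    /** Decrypts with the private key, which stays bound to this app's keystore entry. */
    public static String open(byte[] sealed) throws Exception {
        KeyStore ks = KeyStore.getInstance(KEYSTORE);
        ks.load(null);
        KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) ks.getEntry(ALIAS, null);
        Cipher cipher = Cipher.getInstance(TRANSFORM);
        cipher.init(Cipher.DECRYPT_MODE, entry.getPrivateKey());
        return new String(cipher.doFinal(sealed), StandardCharsets.UTF_8);
    }
}
```

On devices with a hardware-backed keystore the private key is never exported to app memory; on software-only keystores a root user can still reach it, which is why the Android version threshold matters.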
The permissions of the Android app are limited to the necessary scope:
- Camera (Recording of QR codes for initial setup of the product)
- Network access (Communication with the gateway)
For the moment, we award three out of three possible stars for the IKEA TRÅDFRI gateway and app. When IKEA releases an update that enables remote access, we will retest and finalise our rating.