EnOcean encryption

Begonnen von serafean, 12 Juni 2017, 15:51:45

Vorheriges Thema - Nächstes Thema

serafean

Hi,

I want to start a smart home project, with EnOcean as the technology of choice.
The first project will be a ceiling fan with lights.
I understand that I need a 2 channel actuator, however, being security sensitive, I also want the EnOcean network to be secure. AFAIK since 2015 the standard allows for encryption, and one of the actuators I found ( FMS61NP https://www.enocean-alliance.org/product/eltako_fms-61-np/) implements it.

In the user manual, I only found how to pair encrypted pushbuttons, but no mention about whether status update messages are also encrypted. Also would this be compatible with FHEM and the USB-300?

Sorry if these are beginner's questions, but information is far and in between, and mostly in german which I don't speak...

Thanks.

enrikb

Hi,

At this time, the Eltako actuators only support encrypted push-buttons. Status updates will not be encrypted, which might be tolerated. Encrypted gateway commands are not supported as far as I can tell. Therefore, if you want to allow only encrypted actuating commands (otherwise, encryption is worthless), you will be restricted to use push button emulation on the FHEM side, too. This is no big deal for switching actuators, of course. But for smarter actuators like light dimmers or blind control actuators, you will definitely lose some handy capabilities like dimming / positioning to absolute values (like 30%).

This is a limitation of the implementation, of course, not of the spec.

serafean

Thanks for your answer,

In the FMS datasheet, I see nothing about gateways... Equipment profile support should be specified in the datasheet, no?
Seeing that confirmation telegrams can be used as activators for other elements, I think status update messages should be encrypted too.

As an option I'm looking at D-452 FU-EMI.
https://files.elv.com/Assets/Produkte/11/1154/115491/Downloads/115491_up_aktor_energiemessung_um.pdf
If the eltako encryption is incomplete, doesn't sound to be worth it.

Thanks