Is there a timeline for when Vera will have a controller that can handle S2 Encryption? I’m seeing more Zwave devices that run on S2. If there were such a controller in the future, would it be backward compatible with non-S2 devices?
Not sure about the timeline. My understanding was that it would be in the firmware on the new linux platform. As far as backward compatibility, they are all actually fairly transparent.
An S2 device will support S0 inclusions. An S2 compatible controller will continue to support S0 devices.
The difference between the two types of security is mostly on the ownership of the key. For S0 the key is in the host and is relatively simple. This means that the host controller needs to be involved in the inclusion process to exchange the security key. For S2, the key is in the zwave chip and is a little more complex and secure.
I also thought s0 used a single key for all s0 devices, but s2 devi e each get a unique key. Which means if your s0 key is compromised, all s0 communications are visible and man in the middle attacks become possible for all s0 devices, while only the one s2 device whose key was stolen would be vulnerable to sniffing and mitm attacks.
Yes. Atom and New Linux firmware will support S2 devices. Also, the user will be able to add S0 and non-secure devices.
If a device supports S2 command class, it usually supports S0 and non-secure connection.
In this case, the user will be able to select the preferred mode during pairing.
But some highly secure devices (usually door locks) support S2 only. If the user connects it in S0 or in non-secure mode: the device will not provide information about the supported command classes, and the controller would not be able to control this device.
@andryist this thread is a bit old. Is there any news?
I have a VeraPlus with Firmware 1.7.4453 and I have some devices included in secure way (I can see some ‘S’ under NodeInfo) but as far as I have understood there is no way to force secure inclusion.