Smart locks: User perception on security vs convenience

Brunzell, Hampus, Berglöf, Oliver

January 2023

This thesis aims to find out trade-offs between security, privacy and convenience when it comes to smart locks. If users know about security and privacy risks associated with smart locks and how they perceive the trade-offs, if they think that the security and privacy risks are worth it for some added convenience. In this project both a literature review and online survey was used to gather information. The results are that there are conveniences with smart locks but that they come with potential security and privacy risks. That overall users seems to know that there are potential security and privacy risks and users seem to think that any potential security and privacy risks are worth taking for the sake of convince.

Smart lock

security

privacy

convenience

Computer Sciences

Datavetenskap (datalogi)

Chytrý zámek využívající sítě IoT / Smart digital door lock system using IoT networks

Vitula, Marek

January 2020

This master thesis describes the design of a battery-powered smart lock using IoT networks and NFC technology for user authentication. The first part of the thesis describes the individual components to be used for the device design and also deals with the design of matching circuits and the antenna for the NFC. The following part of the thesis describes the design of the hardware, particularly the design of the printed circuit board. The third part describes the firmware and the final part of the thesis is dedicated to the security analysis.

Unauthorized Smart Lock Access : Ethical Hacking of Smart Lock Systems / Obehörig åtkomst av smarta lås : Etisk hackning av smarta låssystem

Winkelmann, Albin

January 2022

IoT devices have become more common in our everyday lives as they provide more useful features than traditional devices. One such device is the smart door lock, which enables homeowners to grant access on a user-specified level through digital keys and remote operation. However, as smart locks are meant to protect everything we own, they become an attractive target for attackers. This thesis evaluates the Yale Linus and Gimdow smart lock systems through a comprehensive security examination. In order to provide insight into the IT security of common smart locks on the market today and whether or not the companies behind the locks researched have implemented mitigations towards common attacks on smart locks found in earlier research. In doing so, Gimdow proved to lack basic security measures as an attacker could easily get unauthorized access. The Yale Linus system was deemed to have sufficient IT security as no immediate vulnerabilities were found. / IoT-enheter har blivit vanligare i vår vardag eftersom de tillhandahåller fler funktioner än traditionella enheter. En av dessa enheter är det smarta dörrlåset. Låset gör det möjligt för husägare att, på en användarspecificerad nivå, ge åtkomst till hushållet genom digitala nycklar och fjärrstyrning. Men eftersom smarta lås är avsedda att skydda allt vi äger, blir de ett attraktivt mål för angripare. Denna avhandling utvärderade två smarta låssystem av Yale Linus och Gimdow genom en omfattande säkerhetsundersökning. Målet var att ge insikt i IT-säkerheten för smarta lås på marknaden idag, samt kolla ifall låsföretagena bakom de valda låsen har tagit tidigare forskning angående attacker på smart lås i åtanke. I den här studien visade det sig att Gimdow saknar grundläggande säkerhetsåtgärder vilket tillåter en angripare att lätt få obehörig åtkomst. Yale Linus-systemet ansågs ha tillräcklig IT-säkerhet eftersom inga omedelbara sårbarheter kunde hittas.

IoT

threat modeling

computer security

smart lock

pentesting

IoT

hotmodellering

datasäkerhet

smarta lås

penetrationstestning

Computer and Information Sciences

Data- och informationsvetenskap