Security Analysis of the Matter Protocol

Abstract

This thesis focuses on evaluating the security of the recently released home automation standard Matter, which is intended to improve the security and interoperability of smart home devices. The goal of this work was to analyze the security implications that can be derived from the specification of Matter, and to determine whether the Matter standard fulfills the promises made regarding its security. Our analysis was done by creating a threat model and performing a manual vulnerability analysis, where we focused on determining the attack surface and potential vulnerabilities, dangerous deviations that could be made by vendors, and by providing concise examples of possible implementations that could reduce the overall security of Matter in the field. In addition, we added a test catalog and Tamarin models of Matter’s PAKE, SIGMA exchange during the CASE as well as plain SPAKE2+ for future use in symbolic verification. We were able to show that Matter is able to mostly fulfill its claims, explain where Matter deviates from its promises, and provide recommendations on how to further increase Matter’s security. Our work also identifies weaknesses in the specification for which we expect future revisions of the specification to add additional mandatory requirements to address them. With this work, we aim to help security researchers, device manufacturers, and specification developers in gaining a comprehensive picture of Matter’s security model, and ultimately contribute to overall security and privacy.