Limmat connects Bluetooth Low Energy devices with the Web.

Limmat is a gateway hardware and software platform that we customize for you. You obtain a license for the optimized design, or we help you with production.





HomeKit for BLE and Cortex-M

In this post, I'll not talk about Limmat, but about another ongoing project at our company Oberon microsystems. Unlike Limmat, this project has nothing to do with the Industrial Internet of Things, but with the Consumer Internet of Things. It has to do with Apple's attempt at cracking the home automation market.

Home automation forever imminent?

About 15 years ago, a manager at a company that produces thermostats for commercial buildings told me that, according to market researchers, the take-off for the home automation market is predicted to happen in five years. And had been predicted to happen in five years, for many years. He wasn't optimistic that this would change anytime soon. Indeed, the expected explosive growth of the home automation market (beyond enthusiasts and makers) has remained five years in the future.

Enter Apple

This might finally change. If anyone appears able to put all the necessary ducks in a row (user experience, technology, "systems thinking", ecosystem, marketing power), then it is Apple. About a year ago Apple announced its HomeKit initiative, which is aimed at creating an Apple ecosystem for home automation.

Today, you cannot buy any HomeKit-compliant devices yet, but various prototypes have been shown at this year's CES. From start-ups to established companies such as Philips, interest in HomeKit appears to be rising quickly.


We got into HomeKit by accident. As you may know, we have been doing Internet of Things projects for longer than the term even exists. For a broader adoption of IoT, security concerns are arguably the main hurdle. Thus, security for embedded systems has always been of great interest for us, and we've been monitoring what was going on in the crypto community over a long time. Several years ago, we became particularly interested in a high-quality library for elliptic curve cryptography called NaCl (prononounced "salt"), developed by Dan Bernstein, Tanja Lange and Peter Schwabe. It has excellent cryptographic properties and seemed promising for microcontrollers, even though originally designed for much faster microprocessors.

We ported a public domain implementation of NaCl to single-chip microcontrollers (STM32F4 chips with Cortex-M4F cores). The result was reasonably fast, but we saw a way to greatly optimize performance even further, by applying suitable algorithmic transformations and by reimplementing critical parts in assembly language. We then made experiments with these optimizations and found a speed-up of up to a factor 30, depending e.g. on the length of the encrypted messages.

We've used our fast NaCl library for implementing a secure firmware update mechanism for Limmat, where firmware images are encrypted and signed. Distribution of the images can happen in any way, e.g. using Microsoft Azure table storage or even USB sticks sent via snail mail.

WWDC 2014

Then at WWDC 2014 Apple announced HomeKit. And guess what? Apple uses a variation of NaCl as the crypto suite for the HomeKit Accessory Protocol (HAP). HAP is highly interesting in that it provides end-to-end security even all the way to inexpensive sensors (not just to gateways), bidirectional authentication and perfect forward secrecy. (Compare this to industrial infrastructures, where sending plaintext passwords is all too often still considered state-of-the-art...)

So we studied the HAP protocol, talked to a number of chip vendors about their interest in HomeKit, and then decided to modify our crypto library according to the Apple specifications. We added the missing algorithms and implemented the actual protocol itself.

An introduction to HomeKit can be found on Apple's HomeKit developer site. A description of the security aspects of HomeKit is given in the iOS Security Guide. For the detailed specifications, you need to register with Apple's MFi program.


Today we have implementations for ARM Cortex-M3, M4, M4F and even the much lower-performance M0/M0+ cores. Some key performance numbers that we achieved are given in the following table:



at 16 MHz


at 72 MHz


at 168 MHz


at 168 MHz

Opening a session
 1336 ms
153 ms
27 ms
 25 ms

Encrypting a

256 byte message

2.36 ms
0.3 ms
0.1 ms
0.1 ms

Encrypting a

4096 byte message

32.34 ms
4.1 ms
1.4 ms
1.3 ms

Some of these numbers have been measured on actual hardware, some of them have been obtained by running the code in the Keil simulator. All numbers assume zero wait states. The numbers are only for the cryptographic parts; the time spent in a communication stack is not included.

While the exact numbers depend on the core and the chosen space/time tradeoffs, our OberonHAP library generally uses less than 32 KB of code and less than 24 KB of RAM.


Apple defines HAP variants for both Internet Protocols (IP) and Bluetooth Smart (BLE). While our OberonHAP implementation is suitable and attractive for both variants, its high speed is particularly interesting for BLE accessories, as these are usually slower (because lower-cost, but also because drawing less battery power). Everyone else in the industry seems to have focused on HAP over WiFi, while our focus was to make HAP practical even over BLE.

To demonstrate OberonHAP, we have created a proof-of-concept using a Segger board that contains a Nordic nRF51 chip, which integrates a 16 MHz Cortex-M0 core with a BLE radio. This is about the lowest-end processor core with which HomeKit can realistically be used. In addition to our OberonHAP library, the demo required the interfacing of the library to Nordic's BLE stack, to flash memory for storing keys, and to Apple's MFi authentication chip - and of course the main program that implements one of Apple's predefined HomeKit profiles. As you can see, an iPod Touch is used to control a door lock via HomeKit and BLE.

The above high-definition video has no sound, but you can still see how we use Siri to open and close the door lock through speech commands.

The following video - with sound - shows a demonstration of the light bulb profile, using a simple app we've written for this purpose:


OberonHAP is now ready for licensing. We license the library to vendors of BLE or WiFi chips and modules, to BLE stack vendors, and to consumer electronics companies who want to have full control over their HomeKit software. If you are interested in such a license, you can contact me at

If you need a HomeKit implementation for a microcontroller not based on a Cortex-M core, we can offer to port our code to your microcontroller's instruction set architecture.

If you are interested in higher-level libraries, tool support, development of custom HomeKit accessories or bridges, we can offer suitable engineering services.

Beyond home automation

The strong security properties of HomeKit could also show the way towards better wireless security for the Industrial Internet of Things. HAP is a relatively simple and efficient protocol, yet there would still be room for performance improvements and a footprint reduction, by making some design decisions better suited for microcontrollers. Maybe someone is interested in developing a protocol similar to HAP, but for industrial use cases? If so, please let me know.

Cuno Pfister, Oberon microsystems AG


There is now an official home page for OberonHAP:

View Cuno Pfister's profile on LinkedIn

Write a comment

Comments: 2
  • #1

    Mark F (Sunday, 19 April 2015 17:56)


    I'm an end user an wondering if I can buy a complete solution somewhere already or is this all just proof-of-concept and you have no-one that's implemented this in a product yet?

    Also I'm interested in how an end user would set this up... Say I want to control my Kitchen LED lights with this, how does the hardware connect to the internet for Siri commands to come back from Apple to the device? Do I need an Apple TV to act as a hub for me to issue commands when away from my house? Does this connect via Bluetooth LE to the apple TV or directly to my iPhone? If directly to my iPhone, I presume I always have to be within 20feet of the kitchen to control the lights, no?

    Sorry for all the rookie questions.

  • #2

    Cuno (Sunday, 19 April 2015 20:18)

    @ Mark F: I don't think you can buy *any* HomeKit-compatible devices yet. Some devices have been announced but are not shipping yet, others are shipping but will need a later firmware update to support HomeKit. Most are expected to use WiFi, at least initially.

    So yes, it is a proof-of-concept - everything is still early days regarding HomeKit. We are in talks with potential customers, but there's nothing to announce yet.

    The iPhone, or several iOS devices in a household, directly connects to the accessory devices within range (which can be more than 20 feet, but this depends highly on how the house is built and furnished).

    Apple has announced that an alternate, indirect access path for remote control via Internet will also be provided. There are no public details yet for that, although most commenters seem to bet on Apple TV as gateway between Internet and the local WiFi and BLE networks.