U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Security Analysis of Trust on the Controller in the Matter Protocol

Published

Author(s)

Kumar Shashwat, Francis Hahn, Xinming Ou, Anoop Singhal

Abstract

Matter is an open-source connectivity standard for the purpose of allowing smart home IoT devices from different vendors to interoperate with one another. A controller in a Matter system commissions new devices into the Matter fabric. The device needs to present a credential called Device Attestation Certificate (DAC), indicating that it is from a trusted vendor and has gone through the necessary testing to be compliant with the Matter standard. However, the controller is not required to prove to the device that it is from a trustworthy vendor. We verified through experimentation that anyone can create a Matter controller that can commission a commercial Matter device. We analyze the security implication of this design choice in Matter, and present a few scenarios where a malicious controller can exert harm to an otherwise healthy Matter ecosystem.
Proceedings Title
2023 IEEE Conference on Communications and Network Security (CNS)
Conference Dates
October 5, 2023
Conference Location
Orlando, FL, US
Conference Title
IEEE Cyber Physical Systems Security Workshop
Pub Type
Conferences

Download Paper

https://doi.org/10.1109/CNS59707.2023.10288747
Local Download

Keywords

IOT Devices, Matter Protocol, Controller, Smart Homes
Information technology

Citation

Shashwat, K. , Hahn, F. , Ou, X. and Singhal, A. (2023), Security Analysis of Trust on the Controller in the Matter Protocol, 2023 IEEE Conference on Communications and Network Security (CNS), Orlando, FL, US, [online], https://doi.org/10.1109/CNS59707.2023.10288747, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=956487 (Accessed November 21, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 27, 2023, Updated January 4, 2024