How Secure is Ultraloq's Bluetooth Smart?

Advanced Dual Data Encryption: AES + Dynamic Key

Bank-level AES Encryption

Ultraloq UL3 BT uses Bluetooth SMART (aka low energy) to communicate, encrypting communications using bank-level 128-bit AES. A special hardware encryption coprocessor is embedded onboard for AES encryption.

What is AES?

The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES has been adopted by the U.S. federal government and is now used worldwide.

Dynamic Key

Besides AES encryption, Ultraloq UL3 BT uses a second layer of protection – Dynamic Key. This key is random for every single data transfer. In other words, even the AES encrypted data is captured and resent to Ultraloq by some hackers, the dynamic key makes it impossible for them to unlock Ultraloq.

How does It Works?

The following two snapshots show you the data communication captured by wireless sniffer during two unlocking operations via Bluetooth.

Unlocking Operation #1 via Bluetooth

Unlocking Operation #2 via Bluetooth

In each picture, you can see two longer rows, which are the verification information sent from smartphone to unlock Ultraloq. All captured information are encrypted and there is no pattern to follow.

In addition, thanks to Dynamic Key, though the raw data is same for two unlocking operations, the captured encrypted data is totally difference. Thus, hackers can’t cheat Ultraloq by capturing the encrypted data and resend that to the lock.