Samsung’s Knox Matrix explained: Smart Home Security via Private Blockchain
Wednesday at Keynote for Samsung developer conference, the company unveiled its new smart home security strategy: connect all your devices to a private blockchain so they all monitor each other. If a smart device is compromised, the others kick it out of the smart home club.
As Samsung expects bad actors to increasingly compromise personal devices, the company considered several options to protect the many parts of a smart home, such as phones, routers, TVs, and even appliances that could serve as attack vectors. Currently, some Samsung devices have dedicated hardware such as Knox chipsets on Galaxy phones that keep data safe, but even more complex security solutions will mean higher manufacturing costs and product price increases.
The company’s solution, called Knox Matrix, is a new application of blockchain technology on a very small scale, which could be an effective safeguard as people make their homes smarter.
To be clear, home devices using Knox Matrix are only linked to a private blockchain, not any of the public ones linked to cryptocurrencies. It’s a local scheme intended as an alternative to cloud-based verification: Instead of having to verify software online, the devices themselves check for cyber attacks.
Ahead of their presentations at the Samsung Developer Conference, Samsung principal engineer Bumhan Kim and senior product security engineer Shin-Chul Baik spoke with CNET through interpreters to explain how Knox Matrix works and how it can help users build a safer smart home.
“We want to make sure people feel safe in their own homes,” Kim said. “It’s not enough to think about security on each individual device – we wanted to look at it more holistically.”
This is how a blockchain protected home works
Knox Matrix-enabled devices, which will begin arriving in 2023, form a chain of trust. For example, if you have a smartphone, TV, router, smart fridge, air conditioner and washing machine, each of them checks each other to confirm that they are all working.
It’s unlikely that anyone’s smart home will be targeted by the kind of cyber attack that hits large companies, but something like downloaded malware can get on to one device and try to spread through a network. Knox Matrix is designed to automatically detect intrusions and cut off devices that have been compromised to protect the rest.
To detect new types of malware and other malicious intrusions, Samsung formed a Threat Intelligence Team to monitor and detect new security threats to Galaxy devices and patch vulnerabilities. The relatively new team tracks threats on the dark web and deep web to look for hacking trends and other attack vectors. For example, as more people turned to remote work during the COVID pandemic, the team saw more spyware and Trojan malware piggybacking on innocuous messages to covertly install backdoors.
“We hope to gradually expand the team to increase the number of channels where they conduct surveillance so they can more proactively secure intelligence so we can quickly patch and respond to these potential threats,” Baik said.
To ensure a home network of devices is up-to-date, the Knox Matrix blockchain checks to see if each is using the latest software, and if not, requests an update — or even downloads the file on one device and sends it to the other in need the.
Samsung currently updates phone and router software in monthly, quarterly and semi-annual updates, but will “also integrate other devices into the security updates, including home appliances such as TVs or refrigerators,” Kim said.
A network of trusted entities in a private blockchain has other benefits. They can share credentials, so if you want to sign into your Samsung account on your laptop, but your ID and password are stored on your Galaxy Phone, after verifying with biometrics like a fingerprint scanner, you can send those credentials seamlessly.
Distribution of the Knox Matrix
The first wave of Knox Matrix products arriving in 2023 will be exclusively from Samsung, but the company plans to make it an open ecosystem after that. In two to three years, products from Samsung’s partners will be released that also utilize Knox Matrix protection.
This raises a big question: How many Knox Matrix-enabled devices do you need to buy to take advantage of the private blockchain security? You only need two, Kim said. Internally, Samsung has determined how many devices for the blockchain concept work best, but it is still finalizing what it will announce publicly. Examples mentioned in press materials include up to six units.
Samsung isn’t rushing the Knox Matrix out to deter a current threat, just to prepare for a more connected future.
“We are currently experiencing no increased attacks. We just want to stay one step ahead of potential attacks,” Kim said.
A Knox Matrix network can protect your smartphone even better. While Samsung says its phones are highly secure, internet-connected mobile devices have several ways they can be attacked.
“If it is linked to a large number [Knox Matrix] nodes, which can mutually monitor each other for threats, then there can definitely be a high level of security in your phone,” said Kim. “It’s always better to go together than alone.”