Looking for a key fob

Hardware
1

Hi *,

I am looking for a key fob with a single button (more is also ok) that uses either BLE or Zigbee connectivity.
I have searched the forum and also looked at the zigbee2mqtt device support, but I could not find any shop that sells those. I am in Europe, Germany.

Can anyone point me in the right direction?

Best
Ck

2

:point_up:

3

This was one of the posts I found, but couldn’t find any shop selling though.

Do you have a link?

4

aliexpress.com/item/1005005935330773.html

1 Like
5

Best one I have found is YoLink. Several versions of the fob are available, very long battery, insanely long range. Uses LoRA and requires hub. Can all be purchased on Amazon.

I’ve got several inside and outside temp sensors, vibration sensors, open/close sensors, and a fob from YoLink. Integration was easy, all lived up to the promise they made.

I live 22 floors up in a downtown high rise in Philly - my YoLink hub is in a closet. The key fob works from our car, while driving on the street, 3 blocks away with multiple large buildings between the car and our building. I set the button up while standing on the sidewalk, with the hub 22 floors above me, without issue.

Fun use case for LoRA vibration sensors: Have some attached to the back of the shared washers and dryers down the hall, around the corner in the laundry room. Connectivity is flawless, vibration detection is adjustable and so far 100% reliable. When an input Boolean helper is set to on, HA sends soaked vibration on/off notifications to our phones and the LaMetric SKY - on our dashboard, there’s a view that always shows current state of all washers and dryers. A shared laundry room game changer - we always know when our stuff is done, we always know when machines are available, and we’ll know if anyone prematurely stops our laundry. This was impossible before YoLink and LoRA, as BLE, Zigbee, WiFi, nothing else has the range or consistency.

YoLink makes great stuff.
LoRA is evolution.

6

Thanks for sharing this experience!
I am looking for BLE or Zigbee particularly, because I have hubs for those already and for security reasons, I prefer the short range, since I wanna use it for the garage door. A range of a few meters is easier to watch for “interceptors”. No paranoia here, someone already broke into our car this way…

7

Gotcha - love these Zigbee buttons, running multiple of each, no issue.

Single button, pretty good sized - single press, double press, hold down:
https://www.amazon.com/dp/B0BRZZCV94

Four button, pretty slick - single, double, hold:
https://www.amazon.com/dp/B0BJKBR1J6

Also, the Hue buttons pair nicely with HA over Zigbee, no Hue Bridge needed.

8

You want to control your garage gate with un-encrypted ble beacons which your fob permanently screams out loud and can be cloned easily with a smart phone? :selfie:

Indeed you are not paranoid :joy: In case you pay a insurance company to cover for future break-in’s that is most likely lost money as they obviously will not pay if they find out that your garage is missing a “real” lock :unlock:

The Who? The one that recently showed their true face :japanese_ogre:

9

I agree, the button above is only BT4.0 BLE. BT4.2 BLE however, uses propper Diffie-Hellman encryption though. I would prefer a Zigbee fob, but haven’t found anything yet.

10

There’s a way to do it with standard beacons that have encrypted passwords like ours.

It requires some fancy coding to send the encrypted password to the beacon, get the confirmation back from the beacon that the password matches what the beacon knows as the password, then use that beacon’s uuid as the trigger for your automation. This authentication process uses an MD5 algorithm and is quite secure.

It may sound like it requires a lot of time to execute but it processes very quickly.

One of our customers uses beacons to lock and unlock “very high value assets”…that’s all I can publicly say.

But like I said, it’s fairly fancy coding to set up.

11

We also had a customer wanting digital signatures for their employees which also comply with the law (essentially can’t be knowingly forged). We had our own R&D and a external company checking various technologies - bluetooth was the first one that was ruled out back then. We went with nfc (or rfid?) tags in the end - but still it was important to don’t settle with tags with (known) broken cryptography like mifare classic :bulb:

:arrow_forward: Breaking the Bluetooth Pairing – The Fixed Coordinate Invalid Curve Attack

Bluetooth is really no fun at all :grimacing:

Looks like these assets weren’t really worth a proper lock :joy:

Hopefully not security through obscurity :see_no_evil:

1 Like
12

It’s done with encryption. The same encryption used when you log into your bank account online over the internet. So it’s highly secure.

13

I really don’t think so. It was already a couple of years but I remember the biggest concern (which also let to the decision to dumb bluetooth completly for a serious use case :put_litter_in_its_place:) was that - at least at that time - the bluetooth fobs/chips weren’t capable of doing “proper” crypto because of lack of computing power/memory. And well - poor mans crypto as we know (or security through obscurity) was nothing we wanted to ship :man_shrugging:

Luckily my bank does NOT use MD5 for SSL. I hope you don’t consult banks :speak_no_evil:

Overview of security issues

In 1996, a flaw was found in the design of MD5. While it was not deemed a fatal weakness at the time, cryptographers began recommending the use of other algorithms, such as SHA-1, which has since been found to be vulnerable as well.[26] In 2004 it was shown that MD5 is not collision-resistant.[27] As such, MD5 is not suitable for applications like SSL certificates or digital signatures that rely on this property for digital security.

well, no crypto expert at all but it does look quite the opposite :see_no_evil: