Z-Wave security questions / Inculsion

Hello everyone,

first of all, I know there are a lot of topics about this question, but none of these topics is really that what I need :frowning:

I bought about 22 Fibaro Walli Roller Shutter and 15 Fibaro Walli Switch, I included them all to my Z-Wave network and this is working, I guess… All devices are included with S2 Non_Authenticated and thats why I started this topic. Is this really nessasary for this kind of devices? I notice some delay on some devices which are further away from the controller (after healing the network all devices have a max of 2 hops from the controller) but there is still a delay for example close all cover at a specific time. The devices next to the controller shut directly, some devices in the upper floor close about 8-10 seconds later.

I have read a lot about security in Zwave and here are my direct questions that are still not answerd:

  1. S0 security have a lot of “unimportant” information in the security header and generates a lot of traffic in the network is that correct?
  2. S2 security have less “unimportant” information and acts faster than S0 but still can generate some delay in the network?
  3. Is “none” security rly that much faster than S2? And is it secure to add lights and shutter with none security and S2 only necessary on locks, garage doors and window sensors?
    I read a topic in the hubitat forum that someone changed everything to security “none” from S2 and now has a average input “lag” from 400 ms (comming from up to 10 seconds)
  4. Is security “none” rly no security or is there still some kind of encryption?

Maybe someone can answer this question? Thank you very much for your help :slight_smile:

I can’t really answer the network latency question (but from what you posted someone has proven it in a real world scenario) but this…

it depends on what you mean by security.

in reality how will someone be able to find the endpoint to send commands to?

they would likely need to either be there when you include the device or try to sniff the TX traffic when the device itself or your HA is actually transmitting anything.

either way the likelihood of that happening on a really low level target like the usual home is low, especially when the other bad guy has to also know that you are using zwave devices and for what.

it’s more likely they will just smash a window and be done with it. Most burglars aren’t a stereotypical Bond villain mastermind and more like the burglars from Home Alone. :laughing:

1 Like

I’m also very curious about the performance trade off between no security and S2.

Currently all of my switches are setup as S2 and I’m about to add 30 more this weekend. If I should be going back and resetting as no security to improve performance, I’d love to know now.

Id love to know as well - as the mor jump’s away the worse the performance starts getting! Im really not bothered about the security the odds of someone hackign the hosue are nil i think.

Here is the post from the guy who tested the S2 vs None:

1 Like

Is there somewhere in Home Assistant to look at performance stats of the zwave network?

Yeah youre absoluty right :smiley: but for me security none is always strange. But I think its not really none security because after the include the device is bind to the Controller. Its easier to break the security between the device and the Controller with no security, but Not for a normal thief :slight_smile:

I am also interested by the performances (None vs S2).
@JerryAC: did you come to a conclusion?
Thanks!

I did end up nuking my zwave network and adding all 60 or so devices back in with no security. I have no measurable way to say if it is faster or not but I will say it sure seems to be more responsive. Additionally I am converting some calls to multiple devices to use multicast which should help as well. S2 does not support multicast from my understanding.

Oh okay? I tried to get multicast running but never saw the problem why its not working…Is rly S2 the problem? Like you I want to minimze the delay with the multicast Feature.

Is Multicast for S2 planned to be supported? I dont want to include all 50 devices New…

Thanks for your feedback. I will do the same: no security (unless for the garage door)