I'm planning to use a simple light switch, that is placed on the wall. The switch gets power from the battery or piezo and sends unique sequences of data (on on- and on off-events) over 433 MHz to the receiver, that is connected to my SmartHome-RaspberryPI.
Since I'm living on the ground floor I have some considerations about the security. Someone could record and replay unique sequences, that the switch sends.
Is it possible to improve the security using hardware or software?
Yes, you can significantly improve the security of pretty much any low level protocol using software - but any home-brew solution is always likely to have some flaws.
You need to consider at least 3 attack possibilities.
Denial of service. Maybe there is a fall-back mode of operation you want to use if the radio channel is blocked. You might also be able to filter out unusual behaviour aimed at wearing out the hardware.
Rogue messages. A simple static message is trivially recorded and replayed, but rolling codes and encryption can help to miticate the risk here.
Messages may leak information which you would rather keep secret. Both the presence of the message, and the information content may leak. Padding and dummy messages would mitigate here.
I think something to consider is the following: Can someone send information over the 433 MHz freq to the Raspberry Pi? What information can be sent? Is there a vulnerability in the application that translates messages between the Pi OS and the light switch? Basically, does the 433 MHz receiver give an attacker a foothold into the rest of your network? I can't answer these questions for you without a full blown vulnerability analysis on your set up, but anyone dealing with IoT security needs to be thinking this way rather than "big deal if they can turn on the light". The attacker doesn't want to turn your lights on or off. The attacker wants to pivot to the rest of your network.
If you have control over the device that transmits the signal, you could try sending an additional validation sequence. This sequence can tell the software that receives the data what rules it should use in decrypting the signal. So, the actual data (on/off) could be dynamically encrypted, while the validation can be decrypted using a special key that only the hardware and software know.
This is similar to hash-based authorization.
However, I think it's important to look realistically at IoT devices.
Personally, if someone is going through the trouble of monitoring/filtering the frequency of my light switch, I'd let them have at it.
We encounter breaches like this everywhere we go this day in age. The real question always deals with "How much am I willing to pay for this?". When you accept cookies to a website so you don't have to sign-in anymore, you're accepting the risk of a security breach because you feel you get more out of the risk than you would endure in consequences.
Use rolling code, similar to what garage doors use now. Here is an open source example.
