HomeKit IP cameras
IP cameras in HomeKit send video and audio streams directly to the iOS, iPadOS, and macOS device on the local network accessing the stream. The streams are encrypted using randomly generated keys on the iOS, iPadOS, and macOS device and the IP camera, which are exchanged over the secure HomeKit session to the camera. When an iOS, iPadOS, or macOS device isn’t on the local network, the encrypted streams are relayed through the home hub to the device. The home hub doesn’t decrypt the streams and functions only as a relay between the iOS, iPadOS, and macOS device and the IP camera. When an app displays the HomeKit IP camera video view to the user, HomeKit is rendering the video frames securely from a separate system process so the app is unable to access or store the video stream. In addition, apps aren’t permitted to capture screenshots from this stream.
HomeKit secure video
HomeKit provides an end-to-end secure and private mechanism to record, analyze, and view clips from HomeKit IP cameras without exposing that video content to Apple or any third party. When motion is detected by the IP camera, video clips are sent directly to an Apple device acting as a home hub, using a dedicated local network connection between that home hub and the IP camera. The local network connection is encrypted with a per-session HKDF-SHA-512 derived key-pair that is negotiated over the HomeKit session between home hub and IP camera. HomeKit decrypts the audio and video streams on the home hub and analyzes the video frames locally for any significant event. If a significant event is detected, HomeKit encrypts the video clip using AES-256-GCM with a randomly generated AES-256 key. HomeKit also generates poster frames for each clip and these poster frames are encrypted using the same AES-256 key. The encrypted poster frame and audio and video data are uploaded to iCloud servers. The related metadata for each clip including the encryption key are uploaded to CloudKit using iCloud end-to-end encryption.
When the Home app is used to view the clips for a camera, the data is downloaded from iCloud and the keys to decrypt the streams are unwrapped locally using iCloud end-to-end decryption. The encrypted video content is streamed from the servers and decrypted locally on the iOS device before displaying it in the viewer. Each video clip session maybe broken down into sub-sections with each sub-section encrypting the content stream with its own unique key.