Security of connection, responsiveness...?


we’re evaluating Spark for our product that will be simple remote on/off switch. I like spark system, but have few probably more general questions :smile:

  • Can we use Wifi in parallel from local (direct) and remote location? We would like to control switch from local smartphone and also via Internet…
  • what is approx. time delay - if for instance I switch some ouput high on web dashboard or smartphone app (remotely, not locally), how much time in average would take to real action on actual switch ?
  • how secure is connection between Spark and Cloud and also between other clients (web browsers, smartphones) ? I see that AES is mentioned on forum - but I’m not sure if it is active…
  • is connection between Spark and Cloud always active ? If not, how it works ?

Thanks in advance,

Hi @bulek44

Yes you can use both local connections and a cloud connection over the internet. You could also have two controllers that both talk to the cloud over the internet if the local smartphone is also on the internet proper.

The delay depends on your “distance” to and from the Particle (nee Spark) servers. I find that I am around 130ms from the server so there is about 260ms of pure transport delay, plus any cloud overhead. I can reliably control things at about once per second from a web page over the Cloud link with feedback (I read back what I wrote). It might be faster or slower for you depending on where you are and how much traffic to and from the device you are generating, plus any effects of the link bandwidth. See my servo control tutorial for details.

The connection from your Core/Photon to the cloud is quite secure, similar to one mode of SSL. When your Core/Photon comes online, it uses the cloud’s public RSA key and its own private RSA key (both of which were programmed at the factory but can be updated) to establish an AES session key to create an encrypted TCP connection. The cloud holds its own private RSA key and the public key of each core. I would rate the crypto as strong, but only you can determine your threat model.

The cloud connection is completely under your control. By default the device comes up with a cloud connection but you have full control and start without cloud and even without WiFi, choosing how and when you join WiFi and then the cloud. See the doc for system modes for details.

Hope this helps.