Mode 1, Level 2 Security: Reconnecting After An Initial Security Relationship Is Established (Bonded)

RE: Mode 1, Level 2 Security: Reconnecting After An Initial Security Relationship Is Established (Bonded)

ovrebekk — Wed, 28 Jun 2023 12:30:11 GMT

Hi Mark

Setting kdist_own.id = 0 will ensure that the local IRK is not shared with the peer device after pairing.

Since the issue is caused by the peer device receiving an IRK when no resolvable address is used I would expect this to solve it.

This will not work if you plan to use a resolvable address on the nRF side. In that case you would have to make sure this bit is set, but based on your problem description the issue only happens when you use a random static address (I assume that is what you mean by the identity address).

Best regards
Torbjørn

RE: Mode 1, Level 2 Security: Reconnecting After An Initial Security Relationship Is Established (Bonded)

mlyonupdesigns — Tue, 27 Jun 2023 16:36:35 GMT

That appeared to work, but I'm still not sure what that change does.

RE: Mode 1, Level 2 Security: Reconnecting After An Initial Security Relationship Is Established (Bonded)

mlyonupdesigns — Tue, 27 Jun 2023 11:59:35 GMT

Yes, I can try that experiment. I would like to understand how that will change the existing behavior. Can you elaborate?

RE: Mode 1, Level 2 Security: Reconnecting After An Initial Security Relationship Is Established (Bonded)

ovrebekk — Tue, 27 Jun 2023 11:56:05 GMT

Hi Mark

Could you try to disable IRK distribution by setting sec_param.kdist_own.id = 0 in the peer_manager_init() function?

I believe this should fix the issue.

Best regards
Torbjørn