• State Verified Answer
  • Replies 2 replies
  • Subscribers 74 subscribers
  • Views 590 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 315493
Options

Questions about whitelisting

Terutaka Takeuji

Hello, I'm an engineer living in Japan.

【Development environment】
"PCA10040(nRF52832)" x 2 (cental/peripheral)
"SDK:17.1.0"
"IDE: Segger Embedded Studio for ARM7.10a"

I have a question about how the whitelist works.

I have confirmed the whitelist operation on the peripheral side by referring to "ble_app_hids_keyboard" stored in the SDK of Ver17.1.0.
The maximum value of the whitelist address count is confirmed at the initial value of 1.
* "BLE_GAP_WHITELIST_ADDR_MAX_COUNT"   1

The whitelist behavior that I have confirmed is described below.
1. Initially, pairing is performed without a whitelist, and the central device address that made the connection request is written to FlashRom.

2. After the connection is terminated, the peripheral advertises with a whitelist containing the address of the first device.

3. The second device is not whitelisted, so the connection is refused.

Question 1)
 Operation was confirmed using a smartphone as the central device.
 When I connected and disconnected from the smartphone's BLE connection screen, there was no problem with the operation,
 but when I "delete" (or cancel) the settings itself, I was unable to connect again.
 Please let me know what is causing this behavior.

Question 2)
 If you check the sample program, you will see many references to the word "IRK". I searched by IRK and couldn't figure it out.
 I found an article that states that it is necessary when using privacy, but I could not understand the details, so please let me know.

Question 3)
 Please tell me how to delete the created whitelist.
 I would be grateful if you could provide me with sample code.

Thank you.

  • 0

    Hi,

    Question 1)
     Operation was confirmed using a smartphone as the central device.
     When I connected and disconnected from the smartphone's BLE connection screen, there was no problem with the operation,
     but when I "delete" (or cancel) the settings itself, I was unable to connect again.
     Please let me know what is causing this behavior.

    In this case, you deleted the bonding information (encryption key ++) on the phone, but the nRF still had the bonding information. So when the phone connected to the nRF and attempted a new bonding procedure, the nRF would not allow this as it already had a bond with this phone. Not allowing this is the default behavior for security reasons, but you can change the configuration on the nRF side to allow replaysing existing bonds, as explained in this post.

    Question 2)
     If you check the sample program, you will see many references to the word "IRK". I searched by IRK and couldn't figure it out.
     I found an article that states that it is necessary when using privacy, but I could not understand the details, so please let me know.

    IRK is a standard Bluetooth concept, an Identity Resolution Key. You can read about the concept here. This is used by all modern smart phones, and is one of the things that is stored when bonding. As the nRF has the IRK, it will be able to see if the phone is the same as it has bonded with, even as it changes it's Bluetooth address (which typically happen every 15 minutes). This is used in the whitelisting, though it is also possible to white list static addresses for devices that use that (which phones do not).

    Question 3)
     Please tell me how to delete the created whitelist.
     I would be grateful if you could provide me with sample code.

    In most SDK examples the whitelist is automatically generated by the bonding information, so the question is probably how to erase the bonds? On the HIDS keyboard example you can hold down Button 2 on the DK while pressing the reset button in oder to erase bond info, as explained under Testing in the example documentation.

  • +1 in reply to Einar Thorsrud

    Thank you for your reply Einar.
    Your answer was thorough and I was able to understand it well.

    I'll think about it a little more myself.

    thank you very much.

Related
Terms of service