• State Not Answered
  • Replies 11 replies
  • Subscribers 75 subscribers
  • Views 205 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 344259
Options

How can i change mode and level with nrf54l15

Taron

Hi,

I tried to change security level, but it's not changing.

When i set CONFIG_BT_SMP_SC_ONLY=y, it's working well with security level 4,

but i want to change mode1, level3.

how can i change it?

Tool : VS code

SDK : nRF Connect SDK v2.8.0

Board : AN54L15Q-DB(nRF54L15)

thanks for helping

Parents
  • 0

    Hello Taron,

    Could you please share why you want level 3?

    Hieu

  • 0 in reply to Hieu

    HI,

    Bluetooth LE defines 4 security levels in security mode 1:

    • Level 1: No security (open text, meaning no authentication and no encryption) 
    • Level 2: Encryption with unauthenticated pairing
    • Level 3: Authenticated pairing with encryption
    • Level 4: Authenticated LE Secure Connections pairing with encryption

    Because level4 is not support old version phone, so i need to set level3

    Thanks  

  • 0 in reply to Taron

    If you enforce "secure connections only" using CONFIG_BT_SMP_SC_ONLY, then pairing attempts will be aborted if the remote device only supports level 3 or less. That is the whole point of "secure connections only". Either you get pairing with the highest security, or no pairing at all.

    What phone do you have that does not support LESC? LESC was released in 2014 so should be supported by all recent phones produced the last 10 years.

  • 0 in reply to Hieu

    I tried to connect without LE Secure Connection, but i got error about connect. it's not to level 3 directly

  • 0 in reply to Emil Lenngren

    Yes, but i need it cause some customer use phone that released before 2014, please share to set Level3.

  • 0 in reply to Taron

    I already shared how: It is done automatically. If you want to support old phones, you want your device to support both Level 3 and 4, not just Level 3.

    What you want to get out of Emil's reply is: Make sure CONFIG_BT_SMP_SC_ONLY is disabled.

    It is disabled by default. If you want to be extra sure, you can do so by setting CONFIG_BT_SMP_SC_ONLY=n, and also check the compiled .config file in <build directory>/<application name>/zephyr/.config.

    As for Level 3 support, I do want to give it a test to see for myself that it works, but I struggle to find a central device without LE Secure Connection (LESC). 
    No SDK publicly available right now let me build without LESC... I don't have any phone that old either.

    It's exactly what Emil said, LESC is so old that supporting Level 3 makes little sense. If a phone didn't support LESC, it would be so old that it would be barely useable and would be riddled with various security vulnerabilities.

    Also, the reason that no-LESC isn't an option is most likely because there is no motivation to only support Level 3. It is weaker, and more vulnerable. Maybe there is a cause for testing too, as I just realized.

  • 0 in reply to Hieu

    I understand and solved it.

    I just need to change security level3 and use passkey without setting SC_ONLY.

    then it's working with security level3.

    Thanks.

Reply Children
Related
Terms of service