Clarification on Bluetooth LE Just Works Pairing: Usage of LE Secure Connections and ECDH

Question

Hello, I am using nrf52832 along with S132 soft device and SDK 17.1.0. 
 For BLE pairing I am using Just Works as there is NO IO and NO Display. 
 Could you please confirm:

Does Just Works pairing use LE Secure Connections (and thus ECDH) as the default or recommended implementation in current Nordic BLE stacks?

If it depends on configuration, what specific flags or APIs (e.g., in the Soft Device or SDK) control this?

Also, is there a good example of Just Works with Numeric comparison in the SDK?

Priyanka · Accepted Answer

Hi Justin, 
 Does Just Works pairing use LE Secure Connections (and thus ECDH) as the default or recommended implementation in current Nordic BLE stacks? 
 Just Works pairing can use either Legacy Pairing or LE Secure Connections (LESC), depending on configuration. 
 Just Works can use LE Secure Connections (SC) on nRF52832 (S132) , but it’s not default, i.e. depends on how you configure the pairing. If SC is enabled on both sides, Just Works will run with SC (ECDH) but still be unauthenticated (no MITM). If SC is disabled, it falls back to Legacy Just Works. 
 If it depends on configuration, what specific flags or APIs (e.g., in the Soft Device or SDK) control this? 
 The actual pairing method (Legacy or LESC) is determined by the security parameters set in your application and the capabilities of both devices involved in pairing. Peer Manager Security Parameters, Cryptographic Backend, Button Controls in Examples etc can control this behaviour. 
 is there a good example of Just Works with Numeric comparison in the SDK? 
 I don't think we have a similar sample for this especially since you mention NO IO ad NO display. 
 -Priyanka

Clarification on Bluetooth LE Just Works Pairing: Usage of LE Secure Connections and ECDH

Top Replies