
Private resolvable addresses and unbonded devices

We are developing a product for a customer. They want a secure connection, and I'm trying to get my head around a certain aspect of the security:

If we choose to use a private resolvable address in the advertising, this requires a smartphone to have the IRK (through bonding previously) in order to connect again. So, if a smartphone has never bonded with the board, how does it resolve the address without the IRK? They want the board to be bondable to up to 8 devices, so even though the board is bonded to fewer than 8 devices and advertising on the private resolvable address, there will still be devices that need to bond (for the first time).

My instincts tell me that this is not possible and we need to go with random static address type, but I would like your input first.

Thanks,

Lee.

  • The address type of the peripheral is irrelevant with regard to whether a central can connect to it or not. What matters is whether the peripheral uses a whitelist or not. If it is using a whitelist, only connection requests from centrals in it will be accepted. The whitelist can contain static addresses and/or IRKs.

    The main point of using a resolvable private address is to achieve privacy. This means that friendly (bonded) devices can identify the device, while unfriendly (not bonded) devices cannot.

  • OK, after a bit of research I believe I've got it. There are only really 2 types of address from a connection request point of view: public, which is a fixed address that has to be issued by the SIG, and random. The random address can be a static type, which is randomly generated at power up and changes every time, or a private type, which still appears random, but to a device that has its IRK this address can be resolved to a known device. This makes good sense, thank you!
