• State Verified Answer
  • Replies 2 replies
  • Subscribers 73 subscribers
  • Views 3575 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 118257
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Security in BLE/SD

OskarM

Hi,

I can't get my head around the cipher and auth used by SD132 in BLE (nrf52832,SDK12).

Could someone please explain which HW blocks and SW libs are used for encryption/decrytpion, authorisation and secure DFU? I know this is wide question, but I couldn't find any reference to AES CCM block in the SDK and I got confused, whether this is used by SD or not.

thanks

Parents
  • 0

    The CCM module is used for encryption/decryption.

    For legacy pairing no libraries are needed.

    For LESC the nRF52832 requires an external library, micro-ecc, while I believe it is not needed in the nRF52840 (because of the cryptocell)

    Authorization is just that the application has to authorize access to an attribute, for example a read or write.

    The Secure DFU bootloader supports signing of the image to ensure that the update stems from a trusted source.

  • 0 in reply to Petter Myhre

    Thanks. After extensive dig-through I could maybe summarize:

    1. All traffic for BLE is encrypted using AES-128 CCM, the nrf52832 uses the HW module for that. This is done without user interaction and most probaly blocks use access to this module with sd enabled.
    2. In non secure BLE there was symmetrical key exchange using some custom BLE algorithm, embedded in soft device.
    3. In LESC (4.2) even during paring ECDH is used for "cipher key" exchange - using micro ECC features
    4. For parties authentication (to protect against MITM attack) the ECDSA is used (p-256 + SHA256 signing) using micro ECC and/or sha256 libraries
    5. DFU uses ECDSA to sign data needed for update;

    In general since transmission is encrypted after pairing and data is encrypted, the only weak point is the pairing, which is know BLE limitation (except OOB).

    THe most "unknown" here is that to use the LESC features also the phone needs to support that, i.e. has to have BLE 4.2 support.

    regards oskar

Reply
  • 0 in reply to Petter Myhre

    Thanks. After extensive dig-through I could maybe summarize:

    1. All traffic for BLE is encrypted using AES-128 CCM, the nrf52832 uses the HW module for that. This is done without user interaction and most probaly blocks use access to this module with sd enabled.
    2. In non secure BLE there was symmetrical key exchange using some custom BLE algorithm, embedded in soft device.
    3. In LESC (4.2) even during paring ECDH is used for "cipher key" exchange - using micro ECC features
    4. For parties authentication (to protect against MITM attack) the ECDSA is used (p-256 + SHA256 signing) using micro ECC and/or sha256 libraries
    5. DFU uses ECDSA to sign data needed for update;

    In general since transmission is encrypted after pairing and data is encrypted, the only weak point is the pairing, which is know BLE limitation (except OOB).

    THe most "unknown" here is that to use the LESC features also the phone needs to support that, i.e. has to have BLE 4.2 support.

    regards oskar

Children
No Data
Related
Terms of service