Peripheral MAC change

Question

Hello, 
 if we want protect our (central) device against tracking and still allow it to connect with specific Peripheral we can use whitelist with IRK (and?) mac address (is mac still mandatory on the list with IRK?). My question - what if we want to protect peripheral and change its mac periodically, could we also use whitelists somehow to connect to the peripheral that has changed its mac but Central doesn't know that? 
 Let's assume we can store some IRK (or other keys) on both side before any previous operations (no bonding, etc.) 
 Thanks!

Petter Myhre · Accepted Answer

If you want to protect your central device against tracking, but still be recognizable by trusted devices you can use the random private resolvable address type. Keep in mind that as long as the device is not sending out scan requests and connection requests it is difficult to track it, because it will only be scanning. 
 The peripheral needs the IRK to resolve the address. It can put the IRK (only) into a whitelist if it wants to filter away scan requests and/or connection requests from other centrals. 
 If the peripheral uses the random private resolvable address type the central needs the IRK to resolve the address. It can put the IRK into a whitelist if it wants to filter away advertisments from other peripherals. 
 Typically the IRK is distributed when you bond, but with SoftDevice S130 v3.0.0 and later you can set the IRK to use with sd_ble_gap_privacy_set().

Peripheral MAC change

Top Replies