<?xml version="1.0" encoding="UTF-8" ?>
<?xml-stylesheet type="text/xsl" href="https://devzone.nordicsemi.com/cfs-file/__key/system/syndication/rss.xsl" media="screen"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>How to avoid MITM attacks?</title><link>https://devzone.nordicsemi.com/f/nordic-q-a/1850/how-to-avoid-mitm-attacks</link><description>Hi, 
 I need protection against the MITM attack. What should I modify in the heart rate example? Actually, I change the characteristics to BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM() and I use the sniffer to listen to the transfer data, the result I read is garbled</description><dc:language>en-US</dc:language><generator>Telligent Community 13</generator><lastBuildDate>Wed, 12 Mar 2014 15:36:15 GMT</lastBuildDate><atom:link rel="self" type="application/rss+xml" href="https://devzone.nordicsemi.com/f/nordic-q-a/1850/how-to-avoid-mitm-attacks" /><item><title>RE: How to avoid MITM attacks?</title><link>https://devzone.nordicsemi.com/thread/8016?ContentTypeID=1</link><pubDate>Wed, 12 Mar 2014 15:36:15 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:99a4dd5e-a809-44f4-8b76-491f2fe1b5ef</guid><dc:creator>sugarchai</dc:creator><description>&lt;p&gt;I got it, thanks Ole :)&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: How to avoid MITM attacks?</title><link>https://devzone.nordicsemi.com/thread/8015?ContentTypeID=1</link><pubDate>Wed, 12 Mar 2014 13:41:36 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:807dacd0-8131-4189-9f4e-6d7fffa1cfdc</guid><dc:creator>Ole Morten</dc:creator><description>&lt;p&gt;As I said, and as you can see in the table I refer to, there is currently no way to use a passkey if you don&amp;#39;t have a display or keyboard.&lt;/p&gt;
&lt;p&gt;I&amp;#39;d also be happy if you could accept my reply as an answer to clear up this question. :-)&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: How to avoid MITM attacks?</title><link>https://devzone.nordicsemi.com/thread/8014?ContentTypeID=1</link><pubDate>Wed, 12 Mar 2014 10:41:40 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:7161aabd-bddf-4e8f-b340-54f5342c0f82</guid><dc:creator>sugarchai</dc:creator><description>&lt;p&gt;Thank you for your help. Actually, I want my device (without keyboard and display) to connect with an iPhone. It seems that the OOB is not possible to use.
Is it possible to use the passkey and BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM() for my case?&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item><item><title>RE: How to avoid MITM attacks?</title><link>https://devzone.nordicsemi.com/thread/8013?ContentTypeID=1</link><pubDate>Tue, 11 Mar 2014 13:46:05 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:ec314be9-62a1-4997-8113-568618f502ab</guid><dc:creator>Ole Morten</dc:creator><description>&lt;p&gt;You can avoid MITM attacks by using a passkey or out-of-band bonding. You can refer to the ble_app_gls for an example of how to use a passkey, but we don&amp;#39;t have any examples showing how to do OOB bonding, since there are no common Centrals in the market that support this out of the box.&lt;/p&gt;
&lt;p&gt;In summary, to use a passkey for bonding, you need to set the mitm flag in ble_gap_sec_params_t, and make sure you have some way to either show a passkey to a user, or let the user enter a passkey on your device. This must be set as the io_caps field of the same struct. You can refer to the table in Volume 3, Part H, section 2.3.5.1 in the Core Specification for the resulting behavior given a set of I/O capabilities.&lt;/p&gt;
&lt;p&gt;Finally, to make sure that a characteristic is only readable over a link that is MITM protected, you can use BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM(). Doing so will make sure that the softdevice returns INSUFFICIENT_AUTHENTICATION for any operation happening over a less secure link, for instance using Just Works security.&lt;/p&gt;
&lt;p&gt;ble_app_gls uses the display of the nRFgo Starter kit to show a passkey, that you as a user then have to enter on the Central device. It could be argued that this is a kind of out-of-band mechanism, but the passkey is just six digits, as opposed to a 128-bit number with proper OOB. Since the passkey is so short, it&amp;#39;s trivial for an attacker that listens in on the bonding process to brute force the passkey used, and this can be done by most BLE sniffers out of the box.&lt;/p&gt;
&lt;p&gt;Hence, if you want security also against eavesdroppers, you either need to use full OOB bonding (but this isn&amp;#39;t possible with most common Central devices), or you need to make sure bonding happens in a secure environment without eavesdroppers.&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item></channel></rss>