• State Verified Answer
  • Replies 6 replies
  • Subscribers 62 subscribers
  • Views 9513 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 102054
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Secure connection between nRF51822 and Android Smartphone?

Christoph Inhestern

Hello, i'm programming an android app to connect to the nRF51822 (peripheral). Without any security or pairing settings everything works fine. The Problem: Any kind of authentication and encryption is needed, but in the final Product the nRF51822 has no display or keyboard. Is there any way to establish a secure, authenticated connection to the Chip under that conditions?

In addition to the problem, what is the difference between the "Properties" and the "Permissions" of a Characteristic and what are they used for?

Parents
  • 0

    Hi Chris,

    If the device has no display or keyboard (and I assume no OOB mechanism), you can use "Just work" for pairing. This is the most simple pairing that require no external peripheral. The first pairing process should be perform in a "safe" environment that no sniffing or eavesdropping would interference.

    To trigger a pairing process, you would need at least one characteristics with the permission requires security (using BLE_GAP_CONN_SEC_MODE_SET_ENC instead of BLE_GAP_CONN_SEC_MODE_SET_OPEN) On the phone side, you would need to read this characteristic which result in a "Insufficient Authentication" error, after that the phone will perform the pairing procedure.

    Regarding permission and properties:

    • Permission is transparent to the peer device and control the device access (readable/writable), authentication (require pairing or not) , and authorization permission.
    • Properties is public and showing how the characteristic value can be used, accessed (read, write, notify, indicate etc)

    You can find more the full description in the Bluetooth Core Spec v4.0 (or the latest v4.1), just search for "Characteristic Properties" and "attribute permission". "Just Work " is also described in the document.

    I also suggest you to have a look at the "Bluetooth Low Energy: The Developer's Handbook", which is really useful for understanding BLE protocol.

Reply
  • 0

    Hi Chris,

    If the device has no display or keyboard (and I assume no OOB mechanism), you can use "Just work" for pairing. This is the most simple pairing that require no external peripheral. The first pairing process should be perform in a "safe" environment that no sniffing or eavesdropping would interference.

    To trigger a pairing process, you would need at least one characteristics with the permission requires security (using BLE_GAP_CONN_SEC_MODE_SET_ENC instead of BLE_GAP_CONN_SEC_MODE_SET_OPEN) On the phone side, you would need to read this characteristic which result in a "Insufficient Authentication" error, after that the phone will perform the pairing procedure.

    Regarding permission and properties:

    • Permission is transparent to the peer device and control the device access (readable/writable), authentication (require pairing or not) , and authorization permission.
    • Properties is public and showing how the characteristic value can be used, accessed (read, write, notify, indicate etc)

    You can find more the full description in the Bluetooth Core Spec v4.0 (or the latest v4.1), just search for "Characteristic Properties" and "attribute permission". "Just Work " is also described in the document.

    I also suggest you to have a look at the "Bluetooth Low Energy: The Developer's Handbook", which is really useful for understanding BLE protocol.

Children
No Data
Related