• State Verified Answer
  • Replies 4 replies
  • Subscribers 73 subscribers
  • Views 2236 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 120902
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Experimental NFC Pairing Example Question

hkartadi

Hi all,

I am learning about the security mode level in BLE. Understood that BLE 4.2 added additional method which is called numerical comparison.

  1. When I tried the experimental NFC pairing example, the OOB mode as well as the just work mode always shows security mode level 2, which is "Encrypted link required, MITM protection not necessary". How do I upgrade this to security mode level 4?
  2. Is there an example to use numerical comparison method?

Thank you

Handi

BUTTONS_M:INFO:LESC OOB MODE! BLE_M:INFO:Fast advertising. BLE_M:INFO:Advertising stopped. BLE_M:INFO:Connected. BLE_M:INFO:BLE_GAP_EVT_CONN_SEC_UPDATE BLE_M:INFO:Security mode: 2 BLE_M:INFO:BLE_GAP_EVT_AUTH_STATUS BLE_M:INFO:Authorization succeeded! BUTTONS_M:INFO:Terminating BLE connection. BLE_M:INFO:Disonnected BUTTONS_M:INFO:LEGACY JUST WORKS MODE! BLE_M:INFO:Fast advertising. BLE_M:INFO:Advertising stopped. BLE_M:INFO:Connected. BLE_M:INFO:BLE_GAP_EVT_CONN_SEC_UPDATE BLE_M:INFO:Security mode: 2 BLE_M:INFO:BLE_GAP_EVT_AUTH_STATUS BLE_M:INFO:Authorization succeeded!

  • 0

    Hi,

    What phone are you using? Note that OOB support was first added in Android 7(Nougat). See this blog post for more information.

  • 0

    Basically I am quite confused, my phone is just fine, it can do the OOB pairing based on the NFC example. However it is always show up as Security mode 1 level 2 which means it is "an unauthenticated pairing with encryption". I thought anything that uses OOB is always "an authenticated pairing" which brings it to level 4?

  • 0

    Hi,

    first of all, pairing procedure triggered from NFC doesn't necessarily have to use the OOB pairing method. It is always up to the phone (or generally BLE Central device) whether or not to use the security data available in the NFC.

    So basically in your case, the phone performs the pairing, but it uses the Just Works method. It takes BLE device address, flags and BLE Role fields from the NFC tag and sends a Pairing Request with OOB flag cleared that's why it results with Security Mode 1, Level 2

    Starting from Android 7.1, the system uses the security information from the NFC tag to perform authenticated pairing (Out-of-Band pairing method). The security data can be:

    • Security Manager TK value (for Legacy Pairing, BT Core < 4.2)
    • Secure Connections Random and Confirmation values (for Secure Connections pairing, BT Core >= 4.2)

    Note that in case of Legacy Pairing, both devices must set the OOB flag (in Pairing Request and Response) to perform the OOB pairing. For LE Secure Connections to perform OOB pairing it is enough that at least one device sets the OOB flag (Pairing Request and/or Pairing Response).

    An example that uses Numeric Comparison is: examples\ble_central_and_peripheral\experimental\ble_app_multirole_lesc

  • 0 in reply to Michal

    thank you for the explanation, will explore again..

Related
Terms of service