This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

mimic MAC address

Hello, It doesn't seem possible to mimic a IEEE public BLE MAC address using the BLE stack provided by Noridc. But how easy is it for others to roll their own BLE stack that does allow them to mimic MAC addresses that's been assigned to other modules? Are there publicly available BLE stacks that run on common BLE chips that allow arbitrary MAC address assignment? I'm not trying to do anything nefarious, but I was asked if replay attacks for beacon data is a common enough problem.

Top Replies

endnode over 7 years ago +1

Why do you think so? You can set full 46-bit MAC on nRF5x chips, with or without Nordic BLE stack... So anything based on MAC in BLE has very little to do with security, replay/relay attacks are trivial…

Parents

0 endnode over 7 years ago

Why do you think so? You can set full 46-bit MAC on nRF5x chips, with or without Nordic BLE stack... So anything based on MAC in BLE has very little to do with security, replay/relay attacks are trivial.
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel
0 BLE_lp over 7 years ago in reply to endnode

Thanks for the correction. I had thought that the set address was used only for random static address with the "11" on the MSB. It looks like I have to

ble_gap_addr.addr_type = BLE_GAP_ADDR_TYPE_PUBLIC;

before using the set address command. Thanks!
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 BLE_lp over 7 years ago in reply to endnode

Thanks for the correction. I had thought that the set address was used only for random static address with the "11" on the MSB. It looks like I have to

ble_gap_addr.addr_type = BLE_GAP_ADDR_TYPE_PUBLIC;

before using the set address command. Thanks!
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data