Which method is recommend for BLE security?

Hi Marco,

Petter is away. I will try to help you.

No, protection against eavesdropping doesn't help increase security against MITM. MITM is about authentication, how can you be sure the device your central talking to is actually the device you looking at ? The scenario is you're using your central device A to pair to a device B, but actually the communication is going to a MITM device, and then that MITM then pair to the device B separately. With Just Work, you have no way of authentication (screen, keyboard etc) when pairing. You can never figure out that you are talking to the wrong guy.

This is different to eavesdropping, where the two device A-B actually talking to each other, the third guy just listen and understand what's transmitting between A-B.

Yes we have this example in the SDK showcasing LESC.

Hey Hung thanks for the reply, Is possible integrate the LESC into the BLE blinky example for both sides central a peripheral?

Yes, you can do that. I don't see any reason why it wouldn't work.

Hi Hung, I was wondering how can I enable "LESC pairing with Just Works" what settings are required on peer_manager_init?

sec_params.bond           = SEC_PARAMS_BOND;
sec_params.mitm           = SEC_PARAMS_MITM;
sec_params.lesc           = SEC_PARAMS_LESC;
sec_params.keypress       = SEC_PARAMS_KEYPRESS;
sec_params.io_caps        = SEC_PARAMS_IO_CAPABILITIES;
sec_params.oob            = SEC_PARAMS_OOB;
sec_params.min_key_size   = SEC_PARAMS_MIN_KEY_SIZE;
sec_params.max_key_size   = SEC_PARAMS_MAX_KEY_SIZE;

Hi Marco,

You can refer to the \examples\ble_central_and_peripheral\experimental\ble_app_multirole_lesc\ to see how to handle LESC. This message sequence chart would also help.