Is re-pairing necessary with MITM protection?

Question

I am working on a peripheral. This peripheral is IO display only. On the other side, the central is keyboard + display. I have a single, custom service with a single characteristic. Said characteristic is readable and writable and requires both encryption and authentication. Pairing seems to work - I can read and write to it successfully. 
 However, with bonding enabled, once I re-connect and try to read or write to that characteristic, I get an "Insufficient Authentication (Error Code 0x05)" error. 
 Is this expected? When using MITM protection, does a central always need to re-pair?

Mateusz · Accepted Answer

Looks like the issue was with non-volatile memory. Security properties were not being saved properly. Why or how - I'm not sure yet, but that's a different issue. 
 So if a device is paired and bonded with MITM protection, authenticated reads or writes should succeed on the initial and following connections. 
 Thanks Hung Bui for your help. I deleted my previous "answer" as I was misunderstanding the book quote.