Writing OOB Pin to softdevice

Thank you for your well thought out answer. I understand what you are saying about PIN sharing being as good as its weakest link. I am trying to see if there would be a market for a BLE chip which uses USB to accept an OOB pin. The lack of centrals supporting OOB is a bit of a chicken/egg problem for which I don't have any solution.

For now, I wrote a 128bit key using a ECDH key exchange GATT service. Then I added the ble_app_hrs service and an open source AES implementation on to my ECDH service to encrypt heart rate information. I have this entire service stack sharing secret keys, encrypting heart rate information, and streaming this encrypted info to a tiny iPhone app I wrote.

Since my service successfully shares private keys using ECDH, maybe OOB key exchange can be solved somehow. Any thoughts?

ECDH: github.com/.../nano-ecc AES: github.com/.../tiny-AES128-C

Both are safer, but the USB option would be the safest. For the last question I really don't know, but I have seen a few posts asking about how to improve security, so there are interested parties. You should add that to the initial question so it is easier to get the responses you need.

Both are safer, but the USB option would be the safest. For the last question I really don't know, but I have seen a few posts asking about how to improve security, so there are interested parties. You should add that to the initial question so it is easier to get the responses you need.