This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

White-list with "Just works" simple pairing

Hello, 

We use nRF52832 with SDK-11 as peripheral in our project. We want to utilize white-list feature to limit the connection establishment. I have studied HID Mouse example, and the example uses MITM protection. It would trigger the pairing request in remote device, and if we want to clear the white-list limitation, we not only need to remove the white-list in our device, but also un-pairing the device in remote part.

I wonder if we could use "Just works" simple pairing with white-list to avoid this. Currently, we enable the white-list feature by writing a specific value to the characteristic of our device.

Any advice and suggestions will be appreciated.

Parents
  • Hi, 

    Please allow me to explain more.

    I understand that I might use white-list feature with address only, but this requires that remote device exposes its public address. If remote device uses private resolvable address, the white-list would not work correctly after remote device refreshes its address. In this situation, as I know, the IRK created by pairing/bonding process might be the solution, and this results in the question I mentioned in my original post. Is this correct ?

    Any advice and suggestions will be appreciated.

  • Hello, whitelist can be used with both address and IRK. If you have included ble_advertising.c in your project, then there will be a BLE_ADV_EVT_WHITELIST_REQUEST event to allow the application to provide the address and IRK to be used during advertisment with whitelist. If you want to bond with a new central you can disable whitelist by calling ble_advertising_restart_without_whitelist().

  • Hi, Kenneth

    Thanks for your reply. However, I want to know if it is possible that I could get IRK information from remote device which use private resolvable address, by using non-MITM "Just works" simple pairing.

    Thank you.

  • The peer manager included in nRF5 SDK will automatically handle this for you, and store address or IRK as required by the address type. The application can get address and IRK by calling pm_whitelist_get().

  • Hi, Kenneth

    Thanks for your kindly reply. So, you mean that even if we use non-MITM pairing/bonding procedure, which is "Just works" simple pairing, we still could have white-list feature working correctly, but we need to use peer manager instead of ble device manager. Is this correct ?

    Because the example projects in SDK use MITM pairing/bonding procedure, we are not sure if we could replace it with non-MITM pairing/bonding procedure. The MITM pairing/bonding procedure would result in the unfriendly user experience when we need to do un-pairing in iOS application.

    Thank you.

  • This will also work with device manager. I do not understand why you say the HID mouse example is using MITM, the define is:

    #define SEC_PARAM_MITM                  0                                           /**< Man In The Middle protection not required. */

    Maybe what you mean is that you only want to pair, but not bond? Then that is controlled by:

    #define SEC_PARAM_BOND                  1                                           /**< Perform bonding. */

  • Hi, Kenneth

    I apologize for mixing the MITM, pairing, and bonding. Maybe, as you said, I should ask if I could use white-list with pairing only and WITHOUT encryption and bonding.

    Thank you

Reply Children
Related