does static passkey provide MITM protection after BLE4.2 ?

Question

BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H page 2321 Figure 2.4 
 
 According to the figure, if an eavesdrop device exists in the pairing process, it is easy to obtain Cai, Nai, PKA, and PKb. It should not be difficult to obtain rai, and thus ra, that is, passkey. 
 Is it impossible to provide MITM protection,If I use static passkey.Or I understand the mistake.

Mttrinh · Accepted Answer

Sorry, what I meant was that it is a low probabilty to guess the passkey, so for brute-force guesser it will take some time to connect to a device. For eavesdroppers, who can sniff the static passkey pairing transmission between two devices, it won't be difficult to get a hold of the passkey. So it is like you said once the static passkey is known it won't be secure at all. 
 Static passkey will only help you avoid that users connect to the wrong device in a multi-device environment. If you need protection against MITM-attacks, you should use a random passkey with a display.

does static passkey provide MITM protection after BLE4.2 ?

Top Replies