https://devzone.nordicsemi.com/f/nordic-q-a/35856/questions-about-lesc-mitm-and-passkeyHi! I am using SDK15 to develop an application for nordic chip which won&#39;t be using any kind of display nor keyboard input, so probably I&#39;m gonna go for static passkey option. I can&#39;t also use OOB. My requirements are to: a) authenticate devices wantingen-USTelligent Community 13Thu, 28 Jun 2018 15:13:42 GMThttps://devzone.nordicsemi.com/thread/138175?ContentTypeID=1Thu, 28 Jun 2018 15:13:42 GMT137ad170-7792-4731-bb38-c0d22fbe4515:f1eff945-fff2-4351-9630-eca77f385f71Kenneth<p>Hi,</p> <p>You can find some guidelines here on BLE security:<br /><a href="https://www.bluetooth.com/~/media/files/specification/bluetooth-low-energy-security.ashx">https://www.bluetooth.com/~/media/files/specification/bluetooth-low-energy-security.ashx</a>&nbsp;</p> <p>Our latest nRF5 SDKv15 should contain various examples that show bonding from just works to lesc.</p> <p>What is important to understand is that the only potential weakness is if someone is sniffing when the initial bonding occurs, and the level of weakness then depending on the capabilities and bonding procedure used. A sniffer may be able to get the long term key that is used for all later communication and encryption if using passkey (can be brute forced) or just works.</p> <p>However if the sniffer is not present during the bonding procedure, then all communication is equally safe, since all bonding procedures generate a&nbsp;128bit long term key which can&#39;t be cracked or brute-forced.&nbsp;</p> <p>The link can only be encrypted by two devices that have been previously bonded re-establish connection, and it&#39;s only then they may exchange data.</p> <p>Best regards,<br />Kenneth</p> <p>&nbsp;</p><div style="clear:both;"></div>