I have 2 questions about LE Secure Connections.

Hi, 

1. What do you mean by "What are the decisions" ? The PKa, PKb are the public keys generated by each peer and to be exchanged so they can use the keys to generate DHKey. The DHKey then will be used to generate LTK key. 

2. Authentication Stage 1 is not encrypted. The link is encrypted right after the DH key check at Authentication Stage 2 (2.3.4.6.5). Please have a look here.

Thank you for answering

1. How is PKa, PKb generated?
Is it generated with random numbers?

2. Thank you.
Does that mean that STK is not used in LegacyPairing?

Hi, 

1. The Public key and private key of each device has to be randomly generated according to Elliptic Curve Diffie-Hellman (ECDH) rules. In our SDK this is done by calling nrf_crypto_ecc_key_pair_generate() which will use the micro-ecc module to generate the key pair.

2. There is no STK when doing LESC. 

Hi, 

1. The Public key and private key of each device has to be randomly generated according to Elliptic Curve Diffie-Hellman (ECDH) rules. In our SDK this is done by calling nrf_crypto_ecc_key_pair_generate() which will use the micro-ecc module to generate the key pair.

2. There is no STK when doing LESC.