https://devzone.nordicsemi.com/f/nordic-q-a/36838/vulnerability-noteHi, The following vulnerability described as Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange in the following page was recently published: https://www.kb.cert.org/vuls/id/304725en-USTelligent Community 13Tue, 04 Sep 2018 10:32:52 GMThttps://devzone.nordicsemi.com/thread/147148?ContentTypeID=1Tue, 04 Sep 2018 10:32:52 GMT137ad170-7792-4731-bb38-c0d22fbe4515:1a8f4de6-e150-45c6-9e2e-eb35a8888c86Einar Thorsrud<p>Hi,</p> <p>BLE Mesh is not affected in any way. This issue only concerns LE Secure Connections (LESC) which is not used in BLE Mesh.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/147066?ContentTypeID=1Tue, 04 Sep 2018 03:10:43 GMT137ad170-7792-4731-bb38-c0d22fbe4515:afc28e46-d053-4f4b-8c5c-cd5946e68fd6Bob J<p>Hi</p> <p>I was wondering how this affects BLE Mesh. If I was using SDK 14 but using NFC to transfer the DHEC parameters, would there still be a vulnerability? Or would the vulnerability only exist if I was not using NFC.</p> <p>I read the white paper and it did not appear to address this question.</p> <p>Thanks in advance for responding.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/141595?ContentTypeID=1Fri, 27 Jul 2018 05:53:31 GMT137ad170-7792-4731-bb38-c0d22fbe4515:a91ee722-8a9b-4f45-b28e-253d851c06bdEinar Thorsrud<p>Hi,</p> <p>We just published a white paper which describe this issue in detail: <a href="https://infocenter.nordicsemi.com/topic/nwp_031/WP/nwp_031/intro.html">nWP031 - Security Threat in Bluetooth LESC Pairing</a>.</p> <p>In a nutshell, the problem is that the Bluetooth specification did not require that the remote public key be validated before it is used to calculate the shared secret during the Diffie&ndash;Hellman key exchange. The LE Secure Connection implementation for Nordic devices reside in SDK &quot;space&quot; rather than in the SoftDevice (stack), so this issue can be fixed in the SDK. The fix is to always validate the remote public key before it is used to generate the shared secret. This issue is&nbsp;not present in SDK 15.0.0, which always validates the remote public in the <a href="https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.sdk5.v15.0.0/group__ble__lesc.html">BLE LESC module</a>.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/141397?ContentTypeID=1Wed, 25 Jul 2018 16:03:50 GMT137ad170-7792-4731-bb38-c0d22fbe4515:2bbb3e62-b840-4bed-b121-5d0c44508f48Jim Dattolo<p>I came here to ask the same thing, can someone from Nordic chime in with a list of SD versions that have been checked for this vulnerability?&nbsp; I&#39;m currently on SDK14 SD 5.1.0 on a NRF52832 chip.</p><div style="clear:both;"></div>