Suggest bonding model where central is exposed to public and lacks meaningful IO, the peripheral is private and has good IO, and NFC isn't available

RE: Suggest bonding model where central is exposed to public and lacks meaningful IO, the peripheral is private and has good IO, and NFC isn't available

howard n2wx — Wed, 17 Oct 2018 17:53:19 GMT

Thank you. I was afraid that'd be the answer. I'm going to need to authenticate the peripheral in some other way because the central's physical security can't be assured. Seems I need to persuade the hardware guys into giving me some i/o on the central, perhaps a physical key lock, so that I can inhibit pairing unless the key is in the lock when the devices are introduced to each other.

RE: Suggest bonding model where central is exposed to public and lacks meaningful IO, the peripheral is private and has good IO, and NFC isn't available

Sigurd — Wed, 17 Oct 2018 15:17:29 GMT

Hi,

Without any IO Capabilities on the central side you are limited to "Just Works" bonding. See this link on how the Peer Manager should be configured for that. See this link for a introduction to BLE security.

Relation Between Pairing Methods and I/O capabilities(from BLE spec 4.2 [Vol 3, Part H] page 611):