Hi,
My device does not have IO capabilities so i have used LE secure connection with just works for pairing. since it does not offer any authenticity, i wish to add some level of pass key options to authenticate it. ie i want to use a static pass key to authenticate the connection in addition to what just works offers.
please note: i don't want to replace the random seed value used in just works with a static key.
What i want to do is sent a random value or static key to the client and it should generate a key and send it back based on pre decided algorithm only known to my client and server. once it is authenticated, it should perform LE secure connection with just works.
how can i add this? is there some other better options?
I want only my application to connect to the device, Is there any better way to discard other clients. I do not want to use whitelisting for this.
i know MITM protection cannot be achieved for devices without io but can we achieve something similar?