https://devzone.nordicsemi.com/f/nordic-q-a/42679/why-gatttool-can-access-characteristics-whithout-secure-connection-on-ble_app_gls-example-from-sdkHi, I just started with Nordic nRF52 DK and builded and flashed nRF5_SDK_15.2.0_9412b96/examples/ble_peripheral/ble_app_gls application on Ubuntu 18.04 using armgcc toolchain. Softdevice is s132 6.1.0. I just used what was there in the SDK and &quot;makeen-USTelligent Community 13Fri, 18 Jan 2019 15:34:31 GMThttps://devzone.nordicsemi.com/thread/166545?ContentTypeID=1Fri, 18 Jan 2019 15:34:31 GMT137ad170-7792-4731-bb38-c0d22fbe4515:bdce08b9-1ddb-4366-b8ce-4088937ef943Chencheng<p>Great, Thanks!</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/166540?ContentTypeID=1Fri, 18 Jan 2019 15:26:26 GMT137ad170-7792-4731-bb38-c0d22fbe4515:c1392f71-a57c-43b2-b04c-35df36ee92dfVidar Berg<p>Hi Checheng,</p> <p>I think it&#39;s easier if you look at the switch case in ble_srv_common.c::set_security_req() which invoke&nbsp;BLE_GAP_CONN_SEC_MODE_SET_* macros. These macros show what security mode and level each&nbsp;security_req_t member correspond to. Then have a look at the different security modes and levels&nbsp;defined by the core spec (core spec v5, vol. 3, part C, section 10.2).&nbsp;&nbsp;</p> <p>&quot;<span>All OOB, numeric comparison, and passkey pairing are for MITM protection as I understand.&quot; Yes, that is correct.&nbsp;</span></p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/166516?ContentTypeID=1Fri, 18 Jan 2019 14:26:25 GMT137ad170-7792-4731-bb38-c0d22fbe4515:2b16af74-5fb0-4fcd-be82-a377b7912804Chencheng<p>Thanks Vidar,</p> <p>That&#39;s exact answer to my problem.</p> <p>BTW, can you elaborate what pairing methods does SEC_SIGNED applies to? Or what is the difference between SEC_MITM and SEC_SIGNED_MITM? Do they differs just as LEGACY versus LESC connection?</p> <p>(<a href="http://infocenter.nordicsemi.com/index.jsp?topic=%2Fcom.nordic.infocenter.s132.api.v6.1.0%2Fgroup___b_l_e___g_a_p___p_e_r_i_p_h___s_e_c___m_s_c.html&amp;cp=2_3_1_1_0_2_1_3_10">http://infocenter.nordicsemi.com/index.jsp?topic=%2Fcom.nordic.infocenter.s132.api.v6.1.0%2Fgroup___b_l_e___g_a_p___p_e_r_i_p_h___s_e_c___m_s_c.html&amp;cp=2_3_1_1_0_2_1_3_10</a>)</p> <p>All OOB, numeric comparison, and passkey pairing are for MITM protection as I understand.</p> <p>Best regards,</p> <p>Chencheng</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/166510?ContentTypeID=1Fri, 18 Jan 2019 14:10:09 GMT137ad170-7792-4731-bb38-c0d22fbe4515:cb357d3e-c456-4f21-a177-a443e72b42a6Vidar Berg<p>Hi,&nbsp;</p> <p>The security level on the gls characteristics are set to &quot;just works&quot; by default, so MITM protection is not required to access these. You can change the security level in service init to require MITM:</p> <p>// Here the sec level for the Glucose Service can be changed/increased.<br /> gls_init.gl_meas_cccd_wr_sec = SEC_JUST_WORKS;<br /> gls_init.gl_feature_rd_sec = SEC_JUST_WORKS;<br /> gls_init.racp_cccd_wr_sec = SEC_JUST_WORKS;<br /> gls_init.racp_wr_sec = SEC_JUST_WORKS;</p> <p>Here are some&nbsp;message sequence charts that illustrate the different bonding procedures:&nbsp;<a href="http://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s132.api.v6.1.0/group___b_l_e___g_a_p___p_e_r_i_p_h___s_e_c___m_s_c.html?cp=2_3_1_1_0_2_1_3_10">http://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s132.api.v6.1.0/group___b_l_e___g_a_p___p_e_r_i_p_h___s_e_c___m_s_c.html?cp=2_3_1_1_0_2_1_3_10</a>&nbsp;</p> <p>Best regards,</p> <p>Vidar&nbsp;</p><div style="clear:both;"></div>