Automatically connected without putting the static passkey at the time of pairing with out bonding.

RE: Automatically connected without putting the static passkey at the time of pairing with out bonding.

prayuktibid — Tue, 03 Mar 2020 10:23:52 GMT

Thank you

RE: Automatically connected without putting the static passkey at the time of pairing with out bonding.

Einar Thorsrud — Tue, 03 Mar 2020 10:01:42 GMT

Hi,

[quote user="prayuktibid"]What If I add a single tactile button with the BLE module and I can start advertising and scanning by pressing the button then Can I achieve some security level?[/quote]

It would be better from a usability perspective since the likelihood of you actually connecting to the correct device will increase (since there are probably fewer advertisers, and you can typically advertise with shorter advertising interval when the duration is short). However, it would not increase security, since an attacker would still be able to connect (or be connected to) instead.

It is not even theoretically possible with authentication without a form of side-channel, but the side-channel could in principle be anything (typically either human via button/display, NFC, pre-provisioned in flash etc.).

RE: Automatically connected without putting the static passkey at the time of pairing with out bonding.

prayuktibid — Tue, 03 Mar 2020 04:17:08 GMT

Thank you Mr. Einar,

[quote userid="7377" url="~/f/nordic-q-a/58459/automatically-connected-without-putting-the-static-passkey-at-the-time-of-pairing-with-out-bonding/237429"] I understand. But what I wanted to know what how important it was to make sure that this could never happen. Since you want to do this in the field and don't have any I/O capability or another side channel, it is not possible to make it secure from attackers. But that is hopefully not a concern.[/quote]

I got your point. What If I add a single tactile button with the BLE module and I can start advertising and scanning by pressing the button then Can I achieve some security level?

[quote userid="7377" url="~/f/nordic-q-a/58459/automatically-connected-without-putting-the-static-passkey-at-the-time-of-pairing-with-out-bonding/237429"] I see. The central can choose to connect to just peripherals with the "correct" name, as long as the peripheral puts the name in the advertising packet. For the peripheral, it does not know anything about the central until after it has connected, but you could make the peripheral read the central name after the connection, and disconnect if the name is incorrect.[/quote]

Thank you, I will try on it and let you know.

RE: Automatically connected without putting the static passkey at the time of pairing with out bonding.

Einar Thorsrud — Mon, 02 Mar 2020 12:19:57 GMT

Hi,

[quote user="prayuktibid"]Are 'filtering' and 'whitelisting' is same thing? I have bit confusion among these two thing.[/quote]

Not necessarily. You can filter on anything. Whitelisting in BLE is essentially filtering on the MAC address (either directly if it is static or by resolving it to an IRK).

[quote user="prayuktibid"]No button, no display and no keyboard. The peripheral device(assume nrF52840 dongle) should connect automatically with the central device(assume another nrF52840 dongle) whenever it comes withing the range.[/quote]

I see. So it is impossible to make a secure solution in this case, but that is probably not needed anyway.

[quote user="prayuktibid"]Obviously, I don't want to connect with wrong device that is why I want to connect with the particular central device[/quote]

I understand. But what I wanted to know what how important it was to make sure that this could never happen. Since you want to do this in the field and don't have any I/O capability or another side channel, it is not possible to make it secure from attackers. But that is hopefully not a concern.

[quote user="prayuktibid"]I want to produce central devices and peripheral devices by some particular name. Suppose I make all central device's "DEVICE_NAME = Master" and peripheral device's "DEVICE_NAME = Slave". I want every "Slave" should connect with any "Master" and vice verse but no other devices which have different name. The "Slave" should give provision to connect with it if the device name "Master" is matched otherwise no connection will be established. I want to give a generic name or uuid for all centrals and peripherals.[/quote]

I see. The central can choose to connect to just peripherals with the "correct" name, as long as the peripheral puts the name in the advertising packet. For the peripheral, it does not know anything about the central until after it has connected, but you could make the peripheral read the central name after the connection, and disconnect if the name is incorrect.

RE: Automatically connected without putting the static passkey at the time of pairing with out bonding.

prayuktibid — Mon, 02 Mar 2020 11:13:51 GMT

Thank you Mr. Einar,

Are 'filtering' and 'whitelisting' is same thing? I have bit confusion among these two thing.

Basically in field.

No button, no display and no keyboard. The peripheral device(assume nrF52840 dongle) should connect automatically with the central device(assume another nrF52840 dongle) whenever it comes withing the range.

Obviously, I don't want to connect with wrong device that is why I want to connect with the particular central device but data is not important cause I want to control hardware(On/OFF type) on peripheral device from the central device.

[quote userid="7377" url="~/f/nordic-q-a/58459/automatically-connected-without-putting-the-static-passkey-at-the-time-of-pairing-with-out-bonding/237341"]If you produce two and two devices to work together, then you can do pairing (or a similar concept) during production, and in that case, it would be secure and user-friendly. If you don't pair them in production, then you need another mechanism, such as suggested below. It will not be as secure, but it may be good enough, depending on your requirements:[/quote]

I want to produce central devices and peripheral devices by some particular name. Suppose I make all central device's "DEVICE_NAME = Master" and peripheral device's "DEVICE_NAME = Slave". I want every "Slave" should connect with any "Master" and vice verse but no other devices which have different name. The "Slave" should give provision to connect with it if the device name "Master" is matched otherwise no connection will be established. I want to give a generic name or uuid for all centrals and peripherals.

Thank you advanced.

RE: Automatically connected without putting the static passkey at the time of pairing with out bonding.

Einar Thorsrud — Mon, 02 Mar 2020 09:10:56 GMT

Hi,

[quote user="prayuktibid"]So, this is not possible but I would like to know that Is there any produce by which I can ensure the peripheral device will connect with a particular central device? [/quote]

If the devices are bonded beforehand, then this is standardized. You could use whitelisting, where only a central with a specific MAC address (or a specific IRK address if it uses resolvable addresses, as mobile phones do).

[quote user="prayuktibid"]In case of central device we can do filtering by name, by UUID, by mac id etc... So that the central device connect only those devices which are in filter list. In peripheral device Can I do same thing? [/quote]

Yes. The same whitelisting concept can be used for both central and peripheral devices. But again, you need to bond in that case (or at least know the MAC address and/or IRK address in advance).

[quote user="prayuktibid"]Actually my primary objective is not security its secondary, my primary and main objective is peripheral should connect the particular central device which I want.[/quote]

I see. This leaves you several options, but which option makes more sense depends on some factors that have not been discussed:

Will you pair the two devices in production somehow, or should the matching of two specific devices be done later in the field?
Do your devices have buttons, display or anything else? What does it have?
What level of security do you require? Is it acceptable that an attacker can make the devices connect to the wrong device?

If you produce two and two devices to work together, then you can do pairing (or a similar concept) during production, and in that case, it would be secure and user-friendly. If you don't pair them in production, then you need another mechanism, such as suggested below. It will not be as secure, but it may be good enough, depending on your requirements:

Use a button press to start advertising, and only advertises for a short while. This makes it unlikely that another device is close by advertising at the same time. This is the approach typically used with HID mice. This is not suitable in an environment when many devices might do this at the same time, and an attacker can easily act as peripheral making the central connect to it instead.
Use RSSI to only allow connections from devices with a high RSSI (assumes close by). Disconnect if RSSI of the first received packet is low. This is not very accurate though and might decrease user-friendliness.
Combination of the above in order to increase security (but it will still not be good).

RE: Automatically connected without putting the static passkey at the time of pairing with out bonding.

prayuktibid — Mon, 02 Mar 2020 04:17:52 GMT

Thank you Mr. Einar.

So, this is not possible but I would like to know that Is there any produce by which I can ensure the peripheral device will connect with a particular central device?

In case of central device we can do filtering by name, by UUID, by mac id etc... So that the central device connect only those devices which are in filter list. In peripheral device Can I do same thing?

Actually my primary objective is not security its secondary, my primary and main objective is peripheral should connect the particular central device which I want. I think you got my point.

My humble request to you please suggest me some method by which I can achieve my goal.

Thank you advanced.

RE: Automatically connected without putting the static passkey at the time of pairing with out bonding.

Einar Thorsrud — Fri, 28 Feb 2020 18:22:10 GMT

Hi,

[quote user=""]My objective is The nRF52840 dongle should connect with nRF Connect App after getting the passkey reply from nRF Connect App otherwise it should not connect.[/quote]

This is not possible. The establishment of a BLE connection is not related to the passkey concept, which can be used to provide authenticity (man in the middle protection). That is a concept of pairing, so the passkey exchange always happens during pairing (if used).

That said, you could make it so that all your characteristics require security so that it would be impossible to do anything without pairing. You could also request pairing and disconnect if it does not happen.