
Connection establishment only for specific device

Hello,

I'm trying to set up an automated pairing for two devices. My peripheral device is advertising and should only allow connection requests from a specific central device. I've read that using directed advertising will not show my peripheral device on unauthorized devices if they are compliant with the specification. However, a malicious device which doesn't ignore those advertising packets would still be able to establish a connection if I'm not mistaken, and I would need a whitelist instead. Is it possible to add a specific device (I know the device address, it's randomly generated but doesn't change) without the IRK such that only this specific central device is able to establish a connection and perform the automated pairing?

Best regards

Tobias

  • Hi,

    I guess there are a few ways this can be done.

    For instance you can start advertising with a whitelist enabled (allow scan requests, but disallow connection requests). The peripheral can then check the RSSI value of the peers executing scan requests, and if the RSSI level is very good (e.g. peer placed in very close proximity), then you can add this peer to the whitelist to allow it to connect and bond.

    In addition you can also pre-configure all your devices with a hard-coded OOB key or passkey, such that any peer that connects will only be able to successfully bond if it has the correct key. If the peer is not able to bond within a reasonable time-out (let's say 1-2 seconds), then the peripheral can disconnect the link and start advertising again until the next peer connection (hopefully with the correct key).

    Best regards,
    Kenneth
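The whitelist gate described in the reply above, modelled in portable C as an added example that is not part of the thread or of the nRF5 SDK: scan requests are answered for any peer, a scan request at close-range RSSI enrolls the peer, and connection requests are accepted only from enrolled addresses. All type and function names, the -40 dBm threshold and the sample address are assumptions; on the SoftDevice the controller applies the filter itself once the application has supplied the whitelist.

```c
/* Host-side model of proximity-gated whitelisting; all names are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define WL_MAX          4      /* constructed whitelist capacity */
#define RSSI_NEAR_DBM (-40)    /* assumed "very close proximity" threshold */

typedef struct { uint8_t type; uint8_t addr[6]; } peer_addr_t;
typedef struct { peer_addr_t entry[WL_MAX]; uint8_t count; } whitelist_t;

bool wl_contains(const whitelist_t *wl, const peer_addr_t *p)
{
    for (uint8_t i = 0; i < wl->count; i++)
        if (wl->entry[i].type == p->type &&
            memcmp(wl->entry[i].addr, p->addr, 6) == 0) return true;
    return false;
}

/* Pre-provision a peer whose static address is already known. */
bool wl_add(whitelist_t *wl, const peer_addr_t *p)
{
    if (wl_contains(wl, p)) return true;
    if (wl->count >= WL_MAX) return false;   /* full: refuse, never evict */
    wl->entry[wl->count++] = *p;
    return true;
}

/* Scan requests are allowed from anyone; a close-range one enrolls the peer.
 * Returns true when the peer is whitelisted after the call. */
bool on_scan_request(whitelist_t *wl, const peer_addr_t *p, int8_t rssi_dbm)
{
    if (wl_contains(wl, p)) return true;
    return rssi_dbm >= RSSI_NEAR_DBM && wl_add(wl, p);
}

/* Connection requests are filtered: only whitelisted peers get a link. */
bool accept_connect_request(const whitelist_t *wl, const peer_addr_t *p)
{
    return wl_contains(wl, p);
}

int main(void)
{
    whitelist_t wl = { .count = 0 };
    peer_addr_t peer = {1, {0xC0, 0x11, 0x22, 0x33, 0x44, 0x55}}; /* constructed */
    bool before = accept_connect_request(&wl, &peer);
    on_scan_request(&wl, &peer, -35);
    return (!before && accept_connect_request(&wl, &peer)) ? 0 : 1;
}
```

RSSI and the advertised address are both under the peer's control, so this gate narrows who can attempt a connection; the key-based bonding check from the same reply remains the authentication step.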

  • Hello Kenneth,

    I'm currently trying to implement some of your suggestions. I've started to set up the whitelist for the advertising. However, I'm using the ble_advertising library but I didn't figure out how to set up the whitelist manually before my peer device is connected. It seems most examples on the Devzone use an older SoftDevice version that provided the whitelist differently. Can you briefly explain the steps to only allow connection requests by a specific device by using its address, or what example can be used as a template for the SoftDevice 132?

    Best regards

    Tobias

  • Check out '[nRF5 SDK root]\examples\ble_peripheral\ble_app_hids_keyboard'.

    Best regards,
    Kenneth
