This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Advertising security and whitelisting

Hi, I need a little help with understanding to implement security in my application.

Most examples used by Nordic have public advertising on, so any device can connect to it. In a real application this is mostly undesirable due to the fact that anybody within range can connect with a general Bluetooth connect app (e.g. from Nordic) and change characteristic values. 

I know that a whitelist exists for this. So any central who connects to a peripheral has to bond in order to be added to the whitelist. The only downside of this approach is that the softdevice only allows 8 devices to connect. In our application it's possible that more then 8 centrals over time will connect (a smartphone/tablet will be used as central). Since the added device is not deleted, the whitelist can be full over time and no new central can connect.

Is there any other way of how to approach this?

Parents
  • It is possible to for instance only have the 8 last bonds, and delete older bonds. This can for instance be done by checking number of bonds in peer manager when idle between connections, something like:

    if(pm_peer_count() > 8)
    {
    pm_peer_id_t peer_id_to_delete;
    err_code = pm_peer_ranks_get(NULL, NULL, &peer_id_to_delete, NULL); //oldest not used bond
    APP_ERROR_CHECK(err_code);
    err_code = pm_peer_delete(peer_id_to_delete);
    APP_ERROR_CHECK(err_code);
    }
    
    

    Alternatively if you want to have more than 8 bonds, an alternative may be to periodically (e.g. every 1 second) update the whitelist by calling pm_whitelist_set() after acquire the peers you want to allow to connect by populating the list with devices from pm_next_peer_id_get(). You can refer to the implementation of whitelist_set() of how this can be done.

  • Peers are ranked in order of bonding? So when peer 1 is bonded first and peer 2 after, then peer 1 is a higher rank?

    If so, it's not always the case that the first peer should be deleted. 

    With the alternative, do you mean that a peripheral can have more then 8 bonds but just 8 whitelisted? 

    I figured out an alternative too, I could perhaps delete the bond (and so the peer from the whitelist) from within our app. 

Reply
  • Peers are ranked in order of bonding? So when peer 1 is bonded first and peer 2 after, then peer 1 is a higher rank?

    If so, it's not always the case that the first peer should be deleted. 

    With the alternative, do you mean that a peripheral can have more then 8 bonds but just 8 whitelisted? 

    I figured out an alternative too, I could perhaps delete the bond (and so the peer from the whitelist) from within our app. 

Children
  • Gueston said:
    Peers are ranked in order of bonding?

    No, the oldest used (oldest connected) bond have the lowest rank, the latest (most recently) used bond have the highest rank. The rank is updated every connection. 

    Gueston said:
    With the alternative, do you mean that a peripheral can have more then 8 bonds but just 8 whitelisted? 

    Yes, basically only limited with the amount of flash you have reserved for the flash device manager. If the flash run full, a garbage collection will automatically be triggered to clean up garbage data and the lowest rank will be deleted.  

    Gueston said:
    I figured out an alternative too, I could perhaps delete the bond (and so the peer from the whitelist) from within our app. 

    You may create a service and characteristic to for instance control this yes. 

Related