Level 1 mode 3 security

RE: Level 1 mode 3 security

Hussain — Wed, 07 Oct 2020 07:37:25 GMT

It is not a good idea. Can I have some help on this or not?

RE: Level 1 mode 3 security

Kenneth — Wed, 07 Oct 2020 07:08:09 GMT

It's not possible to achieve MITM protection (authentication) without some sort of input/output device.

The only workaround would be to hard code the passkey in firmware and for instance print it on a label on the device, however in terms of security and logistics I am not sure if that is a good idea.

RE: Level 1 mode 3 security

Hussain — Wed, 07 Oct 2020 06:44:24 GMT

But what if you have devices which do not have input output capabailities. Which example will you suggest me to run in irder to achieve level 1 mode 3 on the devices.

RE: Level 1 mode 3 security

Kenneth — Tue, 06 Oct 2020 11:34:01 GMT

Hi,

You should look at a ble peripheral example that implement peer manager, such as:
\ble_app_hids_keyboard
\ble_app_gls

You can for instance find in ble_evt_handler() in main.c for the \ble_app_gls example it will output the security level on BLE_GAP_EVT_AUTH_STATUS event.

The security level is ensured by setting SEC_PARAM_MITM and SEC_PARAM_BOND. Here is a description on how to test the \ble_app_gls example:
https://infocenter.nordicsemi.com/topic/sdk_nrf5_v17.0.2/ble_sdk_app_gls.html

Best regards,
Kenneth