• State Verified Answer
  • Replies 3 replies
  • Subscribers 73 subscribers
  • Views 1610 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 106678
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Can Bonding Info Be Shared?

c cook

We are working on a BLE home automation application. It is likely that some homes could have 10 or more of our devices. We also need to allow the homeowner control of which central devices can connect and control our product. We currently are using bonding, the user needs to have physical access to the device to create the bond. That's all working. The issue is this: Let's assume there are 10 of our devices in the home, and the family has 3 smartphones and 2 tablets. Each phone/tablet would have to be individually bonded to each of our devices. That equates to 50 bondings. That could become very tedious, depending on the number of centrals and peripherals the home has.

Is there a way that the user, could take one phone, bond to each of the 10 devices, and then share that information with other phones and tablets, so that the bonding process only has to occur once per peripheral? Thanks

Parents
  • 0

    @Ccook: I would say it's possible to do on the nRF51 side to share keys between devices such as same LTK for different central. But I am not sure it's straigh forward to do on the central phone/tablet side. How do you share bond information between phones ? It's not accessible or controllable by the app.

    The solution I'm thinking of is to implement your own proprietary security system that you can encrypt and decrypt using your app. Doing so, you can easily share security keys between phones.

  • 0 in reply to Hung Bui

    @ccook: I assume the "passkey" you mentioned here is the key that can trigger the device to allow bonding with the new phone ? Not the passkey needed when doing passkey bonding ( the 6 digit passkey)

    If it's the case I don't think it's very safe. First, you can't use whitelist, because if you have whitelisting you won't be able to connect your new phone to the device at the first place.

    Second, one can easily sniff the unencrypted trafic and can find your magic passkey and can reuse it later on to bond with your device.

    My suggestion is that you have a secret key that the bonded device need to write to the device so that it switch to "open" mode where a new phone can be connected and bond to the device. Your device only start in "open" mode on the first run or when it receives that secret key. The draw back is you always need a bonded device to allow a new bond.

Reply
  • 0 in reply to Hung Bui

    @ccook: I assume the "passkey" you mentioned here is the key that can trigger the device to allow bonding with the new phone ? Not the passkey needed when doing passkey bonding ( the 6 digit passkey)

    If it's the case I don't think it's very safe. First, you can't use whitelist, because if you have whitelisting you won't be able to connect your new phone to the device at the first place.

    Second, one can easily sniff the unencrypted trafic and can find your magic passkey and can reuse it later on to bond with your device.

    My suggestion is that you have a secret key that the bonded device need to write to the device so that it switch to "open" mode where a new phone can be connected and bond to the device. Your device only start in "open" mode on the first run or when it receives that secret key. The draw back is you always need a bonded device to allow a new bond.

Children
No Data
Related
Terms of service