RE: Closed Mesh System

Hung Bui — Thu, 27 May 2021 13:12:16 GMT

Hi Materigo,

The Bluetooth mesh was designed as an open standard and interoperability is something that's in the main focus.

That's why any app from different vendors can be used to provision Nordic mesh node.

It's not designed to be closed protocol so we don't have out-of-the-box feature that can make it a closed mesh network.

You would need to implement your own way of limiting access to the mesh node. What I can think of is to implement a challenge - response authentication:

https://en.wikipedia.org/wiki/Challenge%E2%80%93response_authentication

So at the beginning of the connection, either GATT or ADV-Bearer the peer would need to provide a correct response before the node accept the provisioning. You just need to modify the code so that it will send a challenge at the beginning of the connection and then wait for a response before it response to any command from the peer.

The main draw back for this is that you would need to provide a master key to all of the nodes in production. And if attackers can hack one node to get the key they would be able to access all your nodes. You can think of having a type of key that can be unique to a single node only. We are not expert in security and encryption so you may need to find your own solution.