BLE - security

Roei said:

In other words - why do we need another phase for key distribution? After Diffie-hellman - both sides can generate the LTK

They do. In case of LESC, third phase is only needed to distribute IRK and CSRK (if requested in pairing request/response). As these values are confidential, this step is performed over an encrypted channel.

OK, just to be sure everything is cleared:

Diffie-Hellman is used to generate shared secret. In the end - both sides have the shared secret.

After that - we use that shared secret key and together with both sides's addresses and rand numbers, we create the LTK? Do we know the exact generation function?

Thanks!!

Roei said:

After that - we use that shared secret key and together with both sides's addresses and rand numbers, we create the LTK?

Exactly.

Roei said:

Do we know the exact generation function?

Yes, see Bluetooth Core specification Vol 3 Part H, "LE Secure Connections key generation function f5".

Thanks!

Can you please tell me in which phase does authentication (passkey etc...) occur?

Phase 2, Authentication Stage 1.

If you're curious about such low-level things, please read Bluetooth Core spec (Vol 3 Part H) - the whole pairing process is explained in details.