This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

MITM Protection Option in nRF Connect for Desktop

Hello,

I am using NCS v1.6.0, nRF Connect for Desktop v3.7.0, and the Bluetooth Low Energy app v2.5.1 (part of nRF Connect for Desktop). I am using the nRF52840 Dongle with the Bluetooth Low Energy app and the nRF52840 DK to run the examples below.

I am looking at the peripheral_hids_mouse and peripheral_hids_keyboard examples in the SDK and for both of them, in the section of "Testing with nRF Connect for Desktop" there is a step where it says to optionally enable MITM protection. When I check this box, there does not seem to be any difference in behavior. I also do not see an option to either "use a button on the device to confirm or reject the passkey value."

Can someone look at this and let me know if I am doing something wrong here?

Regards,

Akash Patel

Parents

0 ovrebekk over 4 years ago

Hi Akash

I just tried the peripheral_hids_keyboard example in NCS v1.6.0, and it seems to work for me:

A passkey is printed in the log, and I have to enter this in nRF Connect in order to pair with MITM enabled.

Are you not seeing any of this?

Best regards
Torbjørn
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Akash Patel over 4 years ago in reply to ovrebekk

Hi Torbjørn,

Yes I am seeing the passkey in the log and I am able to enter it in nRF Connect for Desktop and that works fine. What I meant to say is that even if I don't check the MITM protection checkbox, I still see this. So what is the difference between with and without MITM protection? Is it always doing MITM protection even if you don't check the box?

Regards,

Akash
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 ovrebekk over 4 years ago in reply to Akash Patel

Hi Akash

Good point, I see the same here ;)

I will have to check with the developers what the logic is behind this checkbox. Normally you want to use authentication by default, but then one might question why the box is there if it doesn't change anything.

If I don't hear from them by tomorrow I will try to hook up my sniffer and see if I can spot any difference in the packet exchange.

Best regards
Torbjørn
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 ovrebekk over 4 years ago in reply to Akash Patel

Hi Akash

Good point, I see the same here ;)

I will have to check with the developers what the logic is behind this checkbox. Normally you want to use authentication by default, but then one might question why the box is there if it doesn't change anything.

If I don't hear from them by tomorrow I will try to hook up my sniffer and see if I can spot any difference in the packet exchange.

Best regards
Torbjørn
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 Akash Patel over 4 years ago in reply to ovrebekk

Hi Torbjørn,

Any updates on this?

Regards,

Akash
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 ovrebekk over 4 years ago in reply to Akash Patel

Hi Akash

Sorry for the slow response. Unfortunately most of the apps team is out on holiday, so I am afraid I will have to follow this up when they are back in August.

Best regards
Torbjørn
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 ovrebekk over 4 years ago in reply to ovrebekk

Hi again

According to the developer either side of the link can request MITM protection, so if the button on app side doesn't have an effect it should be because it is requested on the peripheral side.

Best regards
Torbjørn
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel