https://devzone.nordicsemi.com/f/nordic-q-a/77873/bonding-how-to-change-the-ltk-manuallyhow to change the ltk manually, is it possible with nrf52 dk?en-USTelligent Community 13Tue, 27 Jul 2021 11:51:27 GMThttps://devzone.nordicsemi.com/thread/322031?ContentTypeID=1Tue, 27 Jul 2021 11:51:27 GMT137ad170-7792-4731-bb38-c0d22fbe4515:1e8e2870-4491-4555-90eb-ea70b63fad6aAmanda Hsieh<p>Hi,&nbsp;</p> <p><span>If you have control on both sides of the link (central + peripheral) you can update LTK and use it when they connect. Just like what happens&nbsp;</span><a href="https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s132.api.v7.3.0/group___b_l_e___g_a_p___c_e_n_t_r_a_l___e_n_c___m_s_c.html">here</a><span>&nbsp;on the central and&nbsp;</span><a href="https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s132.api.v7.3.0/group___b_l_e___g_a_p___p_e_r_i_p_h___e_n_c___m_s_c.html">here</a><span>&nbsp;on the peripheral.</span></p> <p><span>The LTK generation is taken care of by the SoftDevice.&nbsp;LTK can be accessed when you receive the BLE_GAP_EVT_AUTH_STATUS event from the SoftDevice.</span></p> <p><span>Any keys generated and/or distributed as a result of the ongoing security procedure will be stored into the memory referenced by the pointers inside the p_sec_keyset used in&nbsp;<a href="https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s132.api.v7.2.0/group___b_l_e___g_a_p___f_u_n_c_t_i_o_n_s.html#ga7b23027c97b3df21f6cbc23170e55663">sd_ble_gap_sec_params_reply()</a>. The keys will be stored and available to the application upon reception of a&nbsp;<a href="https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s140.api.v6.1.1/group___b_l_e___g_a_p___e_n_u_m_e_r_a_t_i_o_n_s.html#ggada486dd3c0cce897b23a887bed284fefa8958220152f7547da3b250b4f724877c">BLE_GAP_EVT_AUTH_STATUS</a>&nbsp;event. The Peer Manager( security_dispatcher.c) handles this and will store the keys for you when you bond with a device.</span></p> <p><span>-Amanda H.</span></p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/321985?ContentTypeID=1Tue, 27 Jul 2021 08:58:24 GMT137ad170-7792-4731-bb38-c0d22fbe4515:addcfb4c-45ab-4920-830f-32bdbb8518e9tfoobarq<p>HI,</p> <p>I am not saying that I need to generate a pair of LTK by myself, I mean whether I can manually change the LTK in a pair of bonded devices.</p> <p>For example, there is a situation where I need to connect with a peripheral that only supports Legacy Pairing, but I still don&#39;t want others to decipher my Bluetooth encryption link. Therefore, I tried to change the LTK exchanged in Legacy Pairing through some interactive information and proprietary algorithms, so that even if a third party could sniff my Legacy Pairing interaction, it would not be able to decrypt future links.</p> <p>In other words, I established my own set of authentication protocols through a certain method, and changed the LTK of both parties, so that in subsequent connections, I can use AES-CCM to encrypt the transmitted data like normal Secure Connection.</p> <p>I want to know if this is feasible for nrf52? If so, how should I change the LTK that has been stored?</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/321979?ContentTypeID=1Tue, 27 Jul 2021 08:36:06 GMT137ad170-7792-4731-bb38-c0d22fbe4515:1196a0cb-cade-4d3b-af38-c9e5c01aa750Amanda Hsieh<p>Hi,&nbsp;</p> <p>Are you looking to&nbsp;generate<span>&nbsp;the LTK&nbsp;</span><span>manually?</span></p> <p></p> <p><span>You could refer to B.2.2 Generating Keys from ER in the&nbsp;</span><span>BLUETOOTH CORE SPECIFICATION Version 5.2 | Vol 3, Part H, and t</span><span>his&nbsp;</span><a href="https://devzone.nordicsemi.com/f/nordic-q-a/12188/generating-my-own-ltk-ediv-rand">post<span>&nbsp;</span></a><span>might help.&nbsp;</span></p> <p><span>-Amanda H.</span></p> <p><span></span></p><div style="clear:both;"></div>