https://devzone.nordicsemi.com/f/nordic-q-a/7850/nrf51822-authenticate-and-encrypt-functionsHi, I am attempting to create a secure BLE connection in security mode 1 and level 3. I noticed that when I simply call sd_ble_gap_authenticate with MITM = 1 it seems to put me in that security mode. This seems odd to me as I thought I would alsoen-USTelligent Community 13Mon, 29 Jun 2015 02:33:41 GMThttps://devzone.nordicsemi.com/thread/27978?ContentTypeID=1Mon, 29 Jun 2015 02:33:41 GMT137ad170-7792-4731-bb38-c0d22fbe4515:443ba443-91d3-498c-b069-c6441ccc08c4tnesheim<p>Thanks for your help, this cleared things up for me.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/27977?ContentTypeID=1Fri, 26 Jun 2015 05:28:52 GMT137ad170-7792-4731-bb38-c0d22fbe4515:cc00685d-9553-4267-8f9e-957632b2a057P&#229;l H&#229;land<p>Hi,</p> <p>you are right that the link will always be encrypted when using the bluetooth way of authenticating.</p> <p>While doing authentication the link is actually encrypted in the process with the link settings that you decided. Thus another encryption is not necessary. If you at a later point disconnect, or would like to do a key refresh of the link. Then you can use the <code>sd_ble_gap_encrypt(..)</code> with the keys that you received in the <code>BLE_GAP_EVT_AUTH_STATUS</code>.</p> <p>The only way of authenticating without encryption is to distribute IRK or CSRK to identify that the peer device is actually a device that you have authenticated with previously. CSRK is something that we don&#39;t support.</p> <p>What you could do, is to implement some sort of proprietary authentication if you control the app on both sides of the link.</p><div style="clear:both;"></div>