This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

LE Secure Connections (ECDH) on S130

Is the ECDH encrypted key exchange supported on the new S130? If not, when can we expect it to be available?

I am surprised this is not given a higher priority, since now the only safe solution is to use OOB, which requires additional hardware. The other two solutions, where the key exchange over the air is unencrypted, is essentially useless. See here and video here.

  • Hi Dominik,

    I back your question because having this is important for "BLE only" devices to have complete security from the point zero. However I'd like to clarify your claim (supported by the reference to the Blackhat talk) that all 3 security modes (JustWorks, 6-digit Passkey and Out Of Band) are vulnerable to the passive (or even active) attack. My understanding is that in OOB you exchange raw 128-bit AES Long Term Key by other way then over the air and thus you are completely safe. Sure this is applicable only for specific devices/infrastructures (most probably minority) but still it's usable if you want this level of security. Could you point me to any reference for attack against OOB mode?

    Thanks for clarification Jan

  • Yes I agree with you, OOB is pretty safe, and I think he also mentions that in his talk. The vulnerability is mainly with JustWorks and the 6-digit Passkey in which case the key exchange is done over the air and unencrypted. I am going to alter my original question.

  • @Dominik, endnode: Current S130 (v1.0.0) doesn't support LE Secure Connection.

    It's in our road map, but I don't know when it will be available.

    For official information on future feature/product, please contact our sales representative.

    I agree that Just work and Passkey is not very safe, but some measures can be done to make them safer, such as only perform bonding inside a protected environment, such as a Faraday Cage (microwave oven for example)

  • Thanks for the clarification! We will see which road to take, either add encryption ourselves or use NFC for OOB pairing. And although a protected environment is a theoretical solution, it is not really practical.

  • It is also possible to reduce TX power dramatically during bonding, which will require the devices to be very close. This severely limits passive eavesdropping, since a single missed packet of the 6-way "handshake" will make it much harder to regenerate the STK used when distributing the long-term keys.

    Sadly, most mobile vendors are still lacking in OOB support, so I'm surprised to see LE-Secure Connections embraced so quickly.

Related