Beware that this post is related to an SDK in maintenance mode
More Info: Consider nRF Connect SDK for new designs

SDK 17.1.0 - NRF_BLE_LESC_GENERATE_NEW_KEYS

Hello,

With nRF5 SDK 17.1.0 release a new ifdef NRF_BLE_LESC_GENERATE_NEW_KEYS in nrf_ble_lesc.c has been added.
Could you please clarify what the intention is of this generating a new key pair for each BLE_GAP_EVT_AUTH_STATUS is?
Does this somehow affect CVE-2020-26558?

Top Replies

RenderMonkey over 4 years ago in reply to Elfving +1

Hello Elfving, I have read the release notes and this is why I am asking. Since this setting is optional, I am asking for clarification when it is needed (or rather why it is optional). Is it for the…
Elfving over 4 years ago in reply to RenderMonkey +1

Hello! Sorry, it seems I was mistaken. The CVE-2020-26558 security fix is being addressed on line 358. RenderMonkey said: Is it for the highly unlikely case when two units attempt to bond and happen…

Parents

0 Elfving over 4 years ago

Hello RenderMonkey,

It is mentioned in the nRF5 SDK release notes. It is a security mitigation mechanism to address a security vulnerability in the Bluetooth Core spec: CVE-2020-26558.

Best regards,

Elfving
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 RenderMonkey over 4 years ago in reply to Elfving

Hello Elfving,

I have read the release notes and this is why I am asking. Since this setting is optional, I am asking for clarification when it is needed (or rather why it is optional). Is it for the highly unlikely case when two units attempt to bond and happen to have the same public key?
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Elfving over 4 years ago in reply to RenderMonkey

Hello!

Sorry, it seems I was mistaken. The CVE-2020-26558 security fix is being addressed on line 358.

RenderMonkey said:
Is it for the highly unlikely case when two units attempt to bond and happen to have the same public key?

Yeah I think you are right. The ifdef NRF_BLE_LESC_GENERATE_NEW_KEYS snippet is likely there to avoid the scenario where two devices have the same public key. It is optional because an exception is needed for the NFC library (this library generates LESC keys itself after every pairing attempt).

Best regards,

Elfving
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Elfving over 4 years ago in reply to RenderMonkey

Hello!

Sorry, it seems I was mistaken. The CVE-2020-26558 security fix is being addressed on line 358.

RenderMonkey said:
Is it for the highly unlikely case when two units attempt to bond and happen to have the same public key?

Yeah I think you are right. The ifdef NRF_BLE_LESC_GENERATE_NEW_KEYS snippet is likely there to avoid the scenario where two devices have the same public key. It is optional because an exception is needed for the NFC library (this library generates LESC keys itself after every pairing attempt).

Best regards,

Elfving
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 RenderMonkey over 4 years ago in reply to Elfving

Thank you Elfving!
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Elfving over 4 years ago in reply to RenderMonkey

No problem!

Btw, it seems that the NRF_BLE_LESC_GENERATE_NEW_KEYS snippet also deals with key refreshes in general. A device should change its private key after every pairing, succesful or failed.

Best regards,

Elfving
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel