• State Verified Answer
  • Locked Locked
  • Replies 9 replies
  • Subscribers 75 subscribers
  • Views 1622 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 278832
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MITM protection implementation for BLE pairing

Kaveh.M

I have two Adafruit feather with nRF52832 on them, using one as central and the other as peripheral. 

I have created some codes based on ble_app_uart from Nordic SDK and combine peer manager with it for security.

They work fine, but when I set "#define SEC_PARAM_MITM              1" on both, they stop connecting to each other. 

How can I include MITM protection to my connection? 

Thanks

Parents
  • 0

    Hi

    Did you check the log on the peripheral and central side to see if there is any indication there why they won't connect?

    Have you checked that they both successfully start advertising and scanning?

    Best regards
    Torbjørn

  • 0 in reply to ovrebekk

    Thanks Torbjorn. This is the error I get from debugging central device. 

    <info> app_timer: RTC: initialized.
    <error> app: ERROR 7 [NRF_ERROR_INVALID_PARAM] \nRF5_SDK_17.0.2_d674dde\examples\My Projects\uart_central_wpmg_5\main.c:829
    PC at: 0x00035077
    <error> app: End of error report

    For MITM protection using nrf52832, do I need to take one of these paths: Display a code, NFC, or UART OOB.

    If that is the case may be I can not have MITM protection because I have two Adafruit feather communicating but sitting far apart from each other.

  • +1 in reply to Kaveh.M

    Hi 

    As mentioned by fhfs above you need some IO capabilities in order to authenticate the link and get MITM protection. 

    The following matrix shows which IO capabilities you need on each side of the link in order to get authenticated pairing:

    For instance, you can uses MITM pairing if you support keyboard on one side and display on the other. 

    Either you have to connect buttons and a display to the Arduino feather directly, but if using UART is an option you can also implement simple keyboard and display functionality through the UART terminal:
    Simply display the passkey in the UART terminal on one side, and have the user enter the same passkey in the terminal for the other side. 

    Best regards
    Torbjørn

Reply
  • +1 in reply to Kaveh.M

    Hi 

    As mentioned by fhfs above you need some IO capabilities in order to authenticate the link and get MITM protection. 

    The following matrix shows which IO capabilities you need on each side of the link in order to get authenticated pairing:

    For instance, you can uses MITM pairing if you support keyboard on one side and display on the other. 

    Either you have to connect buttons and a display to the Arduino feather directly, but if using UART is an option you can also implement simple keyboard and display functionality through the UART terminal:
    Simply display the passkey in the UART terminal on one side, and have the user enter the same passkey in the terminal for the other side. 

    Best regards
    Torbjørn

Children
No Data
Related
Terms of service