RE: What are most common pairing steps?

Kenneth — Tue, 30 Nov 2021 15:19:39 GMT

Hello,

There are many ways this can be done, all have various pros and cons.

You can for instance provide the two peers with a pre-shared OOB key that is used when initially establishing connection to perform the bonding. Without this OOB key they would not be able to perform bonding, and either side can quickly disconnect the link to allow the next peer to connect that hopefully will have the correct OOB key to perform bonding. The advantage of using OOB key, is that it will follow a standard bonding procedure, so even if you do changes to your application (e.g. firmware update) it is very unlikely this will cause issues. Of course others may still be able to connect, but since they don't have the OOB key they will quickly be disconnected based on my above suggestion. The only way for anyone being able to get the OOB key would be an attacker with in-depth knowledge of your software and hardware, and that have physical access to both, so it may be a more theoretical issue than a realistic scenario, but I mention it in any case since using pre-shared keys are security weakness.

I made an example here a few years ago on how to do bonding using pre-shared OOB keys:
https://devzone.nordicsemi.com/f/nordic-q-a/66209/modify-pre-shared-oob-key-for-legacy-connection/270823#270823

Hope it helps,
Kenneth