Do I need to change the default value of STK and LTK between devices?
Do I need to change the default value of STK and LTK between devices?
Sorry, I mean the ERK and IRK default values
Hi,
Ah, in that case it is different. Both the ERK and IRK are special keys that must be persistent and by default they are read from FICR. This contain random numbers that was generated in production and is unique for each individual IC.
There are a few reasons you may want to replace the IRK (for instance if factory resetting a device to prevent the old "user" from being able to track it), and therefore it is possible to set it. How to do it depends on which SDK and Bluetooth stack you are using. Note that in this case you will be responsible for storing the new IRK persistently and configuring the Bluetooth stack to use it after every boot.
Thanks,
After generated from FICR are they constant for each device?
What BLE settings are using those key?
When am I sending them to the peer device?
In case I am producing thousands devices should I randomize the keys I am sending to the stack?
sorry a l lot of questions!
Thanks,
After generated from FICR are they constant for each device?
What BLE settings are using those key?
When am I sending them to the peer device?
In case I am producing thousands devices should I randomize the keys I am sending to the stack?
sorry a l lot of questions!
DS4 said:After generated from FICR(?) are they constant for each device?
The FICR is a persistent register (or set of registers) that is populated during production of the IC and is never changed after that.
DS4 said:What BLE settings are using those key?
When am I sending them to the peer device?
In general these are all standard Bluetooth concepts though, so if you need an introduction in Bluetooth security you could for instance refer to some literature on Bluetooth if you want to get an overview. In a nutshell, the IRK is used if you want to ensure that the device cannot be tracked, and then a resolvable random address is regularly calculated base don the IRK. The ERK is used to generate the LTK and. You can refer to Figure 5.2: LE key hierarchy ion page 268 in the Bluetooth core spec 5.3 to see how the keys relate.
DS4 said:In case I am producing thousands devices should I randomize the keys I am sending to the stack?
Generally, no. As mentioned persistent device keys are unique per IC (generated in production) and other keys are generated based on the RNG peripheral when needed.