How to set up nrf52833 Security 2 Level 2?

This is currently set by nrf52833, and the phone needs to enter the key.

#define  SEC_PARAM_BOND  1															/**< Perform bonding. */
#define  SEC_PARAM_MITM  1															/**< Man In The Middle protection required. */
#define  SEC_PARAM_LESC  0															/**< LE Secure Connections not enabled. */
#define  SEC_PARAM_KEYPRESS  0														/**< Keypress notifications not enabled. */
#define  SEC_PARAM_IO_CAPABILITIES   BLE_GAP_IO_CAPS_DISPLAY_ONLY					/**< No I/O capabilities. */
#define  SEC_PARAM_OOB  0															/**< Out Of Band data not available. */
#define  SEC_PARAM_MIN_KEY_SIZE  7													/**< Minimum encryption key size. */
#define  SEC_PARAM_MAX_KEY_SIZE  16													/**< Maximum encryption key size. */

Hi

Security mode 2 (or more specifically data signing) is not supported in any of the SoftDevices in the nRF5 SDK. From what I have heard, data signing is in general not very widely used as most phones on the market doesn't support this feature either.

The alternative will be to use the nRF Connect SDK where data signing is supported and should work. The GAP security features in Zephyr are described here, and data signing here in the Zephyr project.

Best regards,

Simon

Hi,

That is to say, if I want to use these digital signature functions, I have to change another SDK and change another zephyr os to support these functions.

Can you use security mode 1 instead? It's a much better mode in almost all aspects. Bluetooth SIG recommends to use mode 1 instead of 2.

That is correct. And as Emil suggests, security mode 1 is generally a better security implementation all around.