BLE data transfer use AES/CCM encryption and unencryption

Why do you not just rely on the security features of BLE? When you use LE Secure Connections with some kind of MITM prevention, then the connection uses AES/CCM. Just make sure, that your lock makes sure, the connection is actually encrypted with a key that was obtained by the proper pairing.

Hi Robitzki,

       You mean I just need to enable MITM protected.

1. My All data should encrypted by AES.

2. Phone app can get a key from device when pairing boths.

3. Is MITM a standard function on BLE?

Do you have any example that can refer it?  which Nordic SDK version can support it?  

Also, we don't want the user to have to enter the passkey by phone. In fact the user doesn't need to pick up the phone to unlock my device(Like auto lock and unlock)

Thank you.

John.

The concrete implementation of MITM protection depends on the IO capabilities you can implement with your lock. Every version of the Nordic SDK will provide this very basic and very fundamental security concept. Think of a keyboard. It would be a nightmare, if not all keystrokes would be encrypted properly.

I'm not using the Nordic SDK very much, so I'm not able to point you to a concrete example.

There is an other method that might be interesting for your application OOB (out of band) data. This basically means, you provide the Key to both communication partners, so that they do not have to exchange the key over the air.

The concrete implementation of MITM protection depends on the IO capabilities you can implement with your lock. Every version of the Nordic SDK will provide this very basic and very fundamental security concept. Think of a keyboard. It would be a nightmare, if not all keystrokes would be encrypted properly.

I'm not using the Nordic SDK very much, so I'm not able to point you to a concrete example.

There is an other method that might be interesting for your application OOB (out of band) data. This basically means, you provide the Key to both communication partners, so that they do not have to exchange the key over the air.

Hi John, 

As Torsten already explained, you can have a secure way of transferring data between your device and the phone using the standard Bluetooth pairing. The link is considering secured if you use LESC with MITM (Man In The Middle) or legacy pairing with OOB (NFC for example) .

Please have a look at the examples in our SDK:  ble_app_gls (MITM with passkey) or ble_app_hrs_nfc_pairing, ble_nfc_pairing_reference (for NFC OOB) 

Hi Hung and Torsten,

         Thank you for your quickly answer.

But for our design, we must auto lock or unlock our device. Don't need to pick up the phone and enter the passkey. Do I have any way that I can use MITM without passkey(Maybe our key already save in our phone app)

Also, I want to know that can I use below method(ECB) with softwaredevice to do our secure way?

devzone.nordicsemi.com/.../intro-to-application-level-security-using-the-ecb-

Have any issue or limit? 

Thank you.

John

Hi John, 

Yes it's possible to do what described in Daniel's blog for your application. 

But I want to make it clear that the bonding process (with passkey or NFC) only needed on the first time the phone connect to the lock. On the next connection the phone and the lock will use a common LTK to encrypt the link. 
Imagine when a new user setting up his phone as the key, he would need to either read the NFC tag on the log or type the code that show on the log. After that the lock automatically open when the phone is close by (connect - encrypt - unlock command - disconnect)

If you want to have an extra security layer you can also implement what Daniel described, on top of BLE encryption. 

Hi Hung,

       Maybe I'll describe as below what I understand, see if that's right.

Step 1: I use MITM function to bonding my device and phone.

Step 2: Use key in passkey on phone to confirm your own.

Step 3: When I will lock device, the device will connect to my phone

Step 4: AES encrypt and unencrypt some information transfer between device and phone

Step 5: If authentication succeeded, device will lock

As I know, if I enable MITM function. The transfer data between device and phone will protected by AES. But AES need a key on device and phone side. When will I get this key? I need burn in this key in my device during production in factory? and transfer this key to phone when user enable lock feature? -  I don't understond.

Do you have any user flow can refer it?

Thank you

John.

Hi John, 

It would work this way: 

Step 1. User turns on the Lock

Step 2. Customer open the app on the phone to connect to the lock for the first time and bonding process starts

Step 3a. If there is keyboard on the lock, the phone can display passkey and user need to type the same passkey on the lock . It's the random passkey the phone generated.

Step 3b. If there is display on the lock, the lock can display the passkey and user type the same passkey on the phone. It's the random passkey the lock generated

Step 4. Two device bonded . They now have generated and stored the same LTK (long term key). This is Bluetooth LTK.

Here the set up process is done. 

Step 5 when the user with the phone come close to the lock, the lock automatically connect to it

Step 6 The phone and the lock encrypt the connection using the previously stored LTK. The lock now know for sure that it connect to the authenticated phone. 

Step 7 The link is now encrypted , and the phone can now send the command to lock or unlock the door. 

Step 8 After the door is locked or unlocked, the phone can disconnect the encrypted connection. 

At step 7 you can implement your extra security protocol if you want.