• State Not Answered
  • Replies 26 replies
  • Subscribers 74 subscribers
  • Views 4871 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 295523
Options

BLE data transfer use AES/CCM encryption and unencryption

JohnCC

Hi,

      I development a elock device to use nordic 52832 chip. I want to transfer some information between phone app and my device. Like UUID / user account / user password.

for against BLE sniffer, we need use AES method to protect our information.

Can I follow  \examples\crypto\nrf_cc310\aes example to do it? Or any suggest for us? Our data transfer flow as below

 - phone app sent unlock command to our device

 - our device sent a random number to phone app

 - phone app response

- our device check response to unlock

Thank you.

John.

Parents
  • 0

    Why do you not just rely on the security features of BLE? When you use LE Secure Connections with some kind of MITM prevention, then the connection uses AES/CCM. Just make sure, that your lock makes sure, the connection is actually encrypted with a key that was obtained by the proper pairing.

  • 0 in reply to Torsten Robitzki

    Hi Robitzki,

           You mean I just need to enable MITM protected.

    1. My All data should encrypted by AES.

    2. Phone app can get a key from device when pairing boths.

    3. Is MITM a standard function on BLE?

    Do you have any example that can refer it?  which Nordic SDK version can support it?  

    Also, we don't want the user to have to enter the passkey by phone. In fact the user doesn't need to pick up the phone to unlock my device(Like auto lock and unlock)

    Thank you.

    John.

  • 0 in reply to Hung Bui

    Hi Hung,

        After our deeper research, now there is a question

    If I already used passkey to connected between my phone and my bike。My transmission is encrypted。

    If I lend my bike to my friend,Is he able to establish other passkey secure connection? Because my bike device already has my Key,Can there be two sets of keys? or the first one will be cleared?

    Thank you.

    John.

  • 0 in reply to JohnCC

    Hi John, 

    When you say passkey, is it the bluetooth bonding passkey ? 

    You can have bond with two different phones. You don't need to clear the first set of bond information.

    But the question is how you enable a new phone to connect and control the bike. It's more about security question. It's similar to what I wrote in the last reply. You need to have a way of allowing a new bond. Either by using your phone that already bonded and give a command to allow a new bond. Or by using for example a physical NFC key to allow adding a new bond. 

  • 0 in reply to Hung Bui

    Hi Hung,

    When you say passkey, is it the bluetooth bonding passkey ?   Yes

          Our current thinking as below.

    1. The device enter into pairing mode

    2. The device show passkey on display when phone A want to pair the device

    3. Enter the passkey by keyboard on Phone A. The phone A bonded the device.

    4. Make the device enter pairing mode again through a method

    5. The device show passkey on display when phone B want to pair the device

    6. Enter the passkey by keyboard on Phone B. The phone B bonded the device.

    7. User can use phone A or Phone B to lock or unlock device.

    Because a bike may be used by two people. Can two Keys be able to unlock or lock this bike?

    Thank you.

    John.

  • 0 in reply to JohnCC

    Hi John, 


    Then how can you avoid an attacker to steal the bike ? 

    After you bonded the first phone A.

    Then an attacker with a phone C come and bond to the device, how do you avoid it being stolen by attacker with phone C ? 

  • 0 in reply to Hung Bui

    Hi Hung,

        According to our current plan, we will use the user's account to check on the server to prevent.

    If My bike bonded the Phone A(User A account) and "Already Locked". Other users will not be able to bonded this bike. Until user A unlocks this bike

    Thank you.

    John. 

Reply Children
  • 0 in reply to JohnCC

    Hi John, 
    Your solution may work. But you may want to consider adding some extra security on top: 

    - After you check user account , you may want to have a challenge response scheme. For example the device provide a challenge and the app on the phone must provide a response to the device so that the device are sure it's connected to an authorized phone. You can choose to do this by the cloud (connect to server as you said) but then it will come to an issue that if the user doesn't have internet he can't unlock. There is a blog about this scheme here. 

    - You may want to add a "add new user" mode. Instead of simply allow new bond when the bike is unlocked. For example if the attacker just get close to the bike when it's not locked and not connected to the phone, the he can bond the new phone to it. 

  • 0 in reply to Hung Bui

    Hi Hung,

                   Thanks for your great information. We will implement it on our product

    John.

Related
Terms of service