
Questions about BLE multirole LESC

Hello,

I have a few questions about this example, please.

  • m_lesc_private_key looks unused; how can I modify the source to use a pre-shared private key?
  • Is this example secure (no one can connect without the right key, MITM-proof and data encrypted)?
  • How can I avoid to store bounds?

Thank you.

    • Using a static private key is not supported by the spec unless you use the DEBUG key, which is only for debugging purposes. It's mentioned in main.c in the example; please look for "LESC_DEBUG_MODE".

    • Maybe you got the wrong impression of what LE Secure Connections is. It's a way to do bonding securely, meaning exchanging an LTK to be used for encryption in a secure way. It's not like you have a secret key and the peer needs to have the same key to be able to connect. It's like you have one randomly generated key and your peer has another randomly generated key, and you use these 2 keys in a secure way to generate the common key. After that you use the common key to encrypt the link. You can, however, limit the connection to only bonded devices; this way all devices that haven't bonded to you cannot connect to your device.

    • "how can i avoid to store bounds ?" What do you mean?

  • I have seen this key but it looks unused?

    I have a system that finds devices around (not always the same) and I don't need to save bounds. How can I do that?

    Thank you for your help.

  • Yes, the key is unused because in our firmware it's generated randomly. The Bluetooth spec prohibits using a pre-generated key pair unless you use the DEBUG key for debugging purposes.

    I still don't understand what exactly you want: "I have a system that find devices around (not always the same) and i don't need to save bounds. How can i do that ?"

    I assume you meant "save bonds". If you don't want to save bonds, you can turn off bonding; only pairing will be used. Just set SEC_PARAMS_BOND = 0 in main.c.

  • I am building a self-organized scatternet mesh (see http://fabiencomte.tumblr.com/ and fabiencomte.tumblr.com/.../voici-une-démonstration-dune-visualisation-qui) for an industrial application. A device automatically discovers other devices around it and creates connections. I want to limit scatternet access to trusted devices; that's why a pre-shared key looked interesting to me, but if you can propose something else I am interested.

  • There are many different ways your devices can recognize each other. It could be with the advertising device name.

    If you want to have something more secure, you can think of using a "password" type, where one can check if the other side has the password by sending a random value "nonce", and the one who enters the network will have to send an encrypted value based on that "nonce" and the common hardcoded password. The sender will check if the returned encrypted value matches what it expects. If not, it can disconnect the connection.
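
The nonce/password check described in the last reply, modelled in Python as an added example (not part of the original thread and not Nordic SDK code). It assumes HMAC-SHA256 in place of the "encrypted value", 6-byte device addresses, and hypothetical names (NETWORK_KEY, Verifier, compute_response); the key and addresses are constructed sample values.

```python
import hashlib
import hmac
import secrets

# Constructed sample key (assumption): stands in for the "common hardcoded password".
NETWORK_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
NONCE_LEN = 16

def compute_response(key, nonce, verifier_addr, prover_addr):
    """Joining device: MAC over the nonce and both fixed-length addresses."""
    # Binding both addresses in a fixed order stops a response being reused
    # in the opposite direction between two mesh nodes sharing the same key.
    msg = b"join-v1" + verifier_addr + prover_addr + nonce
    return hmac.new(key, msg, hashlib.sha256).digest()

class Verifier:
    """Device already in the network; challenges every new connection."""
    def __init__(self, key, own_addr):
        self.key = key
        self.own_addr = own_addr
        self.pending = {}  # prover address -> outstanding nonce

    def challenge(self, prover_addr):
        nonce = secrets.token_bytes(NONCE_LEN)  # fresh random value per attempt
        self.pending[prover_addr] = nonce
        return nonce

    def verify(self, prover_addr, response):
        # pop() makes each nonce single-use, so a replayed response fails.
        nonce = self.pending.pop(prover_addr, None)
        if nonce is None:
            return False
        expected = compute_response(self.key, nonce, self.own_addr, prover_addr)
        return hmac.compare_digest(expected, response)  # constant-time compare

def demo():
    a, b, x = (bytes.fromhex(h) for h in
               ("c0ffee000001", "c0ffee000002", "c0ffee000003"))  # constructed
    v = Verifier(NETWORK_KEY, a)
    n = v.challenge(b)
    good = compute_response(NETWORK_KEY, n, a, b)
    results = {"trusted": v.verify(b, good), "replay": v.verify(b, good)}
    n2 = v.challenge(x)  # device without the network key
    results["wrong_key"] = v.verify(x, compute_response(bytes(16), n2, a, x))
    n3 = v.challenge(b)  # response computed with the roles swapped
    results["reflected"] = v.verify(b, compute_response(NETWORK_KEY, n3, b, a))
    return results  # a False result is where the device would disconnect

if __name__ == "__main__":
    print(demo())
```

This check only proves knowledge of the shared key; link encryption still comes from pairing, and a key hardcoded in every device is exposed for the whole network if it is extracted from one of them.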
