Is it possible to add my mobile device to whitelist without pairing?

I'm currently developing a BLE peripheral application for the nRF52832 with SDK v13.0.0. I need to have a secure connection between the nRF and an Android or iOS mobile device, and I figured that whitelisting with the Peer Manager might be the way to go. I don't want any unauthorized devices to be able to connect. But in my case I'm not allowed to achieve this by pairing, and the only way I've managed to save any device information to the whitelist at this point has been by pairing.

So my questions are these. Is it possible to add a mobile device to the whitelist without pairing? And is whitelisting even the correct approach in my case? Or am I missing something here?

  • Hi Niko,

    Most phones now use a Resolvable Random Address, meaning the address will change; the peer device needs the IRK to recognize the phone after the address changes.

    Could you explain a little bit more about the restriction that does not allow you to pair with the phone? Currently it's the only way to get the IRK from the phone. If you can get the IRK from the phone via another device, you can send the IRK to your device or hardcode it on your device.

    If you can't get the IRK, you will have to think about another way of whitelisting. One example is to have a password. After connection, the phone needs to provide a password in, say, less than 5 seconds. Otherwise the connection will be terminated. In that 5-second gap, all data and functionality on the peripheral are not available to the central.

    Since it's an unencrypted link, you need to protect your password. One way of doing that is to let the peripheral send a random number; the phone needs to use the password to encrypt that random number and send the result back. The device will check the result to see whether the password is correct.

    The drawback of this is that the password is hard-coded on the peripheral, with the chance that it can be cracked if the hacker has access to flash. Also, this allows an unauthorized central to connect for a period of time before the connection is terminated, unlike whitelisting, where the connect request is rejected right away.

  • Thank you so much for your answer. We are not allowed to use pairing because the mobile applications have already been made and they do not support pairing. And apparently pairing outside the application reduces user experience.
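
The challenge-response check described in the answer above, sketched as the peripheral-side logic. This is an added example, not code from the thread or from the Nordic SDK; the `auth_*` names, the 64-bit challenge, the 128-bit key derived from the password, and XTEA as a stand-in for the keyed encryption step (chosen so the sketch runs on a host) are assumptions.

```c
#include <stdint.h>
#include <string.h>

#define AUTH_WINDOW_MS 5000u  /* the 5-second window from the answer */
/* Assumed stand-in for "encrypt the random number with the password": XTEA,
 * used so this runs on a host. Firmware would use its own keyed primitive. */
static void xtea_encrypt(const uint32_t key[4], const uint32_t in[2], uint32_t out[2]) {
    uint32_t v0 = in[0], v1 = in[1], sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + key[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + key[(sum >> 11) & 3]);
    }
    out[0] = v0; out[1] = v1;
}

typedef struct {              /* hypothetical per-connection state */
    uint32_t challenge[2];    /* random number sent to the phone */
    uint32_t deadline_ms;
    int pending;              /* challenge issued, not yet answered */
    int authenticated;        /* every data handler must check this */
} auth_session_t;
/* On connect: store a fresh challenge (caller supplies RNG output). */
void auth_on_connect(auth_session_t *s, const uint32_t rnd[2], uint32_t now_ms) {
    memcpy(s->challenge, rnd, sizeof s->challenge);
    s->deadline_ms = now_ms + AUTH_WINDOW_MS;
    s->pending = 1;
    s->authenticated = 0;
}

/* Timer check: 1 means disconnect, no valid response arrived in time. */
int auth_expired(const auth_session_t *s, uint32_t now_ms) {
    return !s->authenticated && (int32_t)(now_ms - s->deadline_ms) >= 0;
}

/* On response write: 1 keeps the link, 0 means disconnect. */
int auth_on_response(auth_session_t *s, const uint32_t key[4],
                     const uint32_t resp[2], uint32_t now_ms) {
    uint32_t expect[2];
    int usable = s->pending && !auth_expired(s, now_ms);
    s->pending = 0;           /* one attempt per challenge, no replays */
    if (!usable) return 0;
    xtea_encrypt(key, s->challenge, expect);
    /* OR the differences so the compare has no early exit. */
    uint32_t diff = (expect[0] ^ resp[0]) | (expect[1] ^ resp[1]);
    s->authenticated = (diff == 0);
    return s->authenticated;
}
```

Because the link itself stays unencrypted, this check only gates the connection; data exchanged after a successful response is still visible to anyone observing the radio traffic.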
