This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

About EDIV and Rand

Hi everyone,

I have some questions regarding the use of EDIV and Rand in BLE Legacy Pairing.

  1. What I understood from the specs is that these are generated during the pairing phase by the slave device and exchanged with the master along with the LTK. The part that I am not sure I understood well is how it is used by the slave device during encryption setup. It seems to me that the specs give freedom to the actual BLE implementation about this: either you use EDIV/Rand as a kind of index to retrieve the associated LTK after receiving the encryption request or you re-generate the LTK each time using EDIV/Rand and a device-specific, never shared, secret value. Is that correct ?

  2. Why have they been removed from Secure Connections pairing ? How is the association made between the LTK and the peer device in that case ? With the Identity Address ?

  3. How does the nRF5 SDK Peer Manager manages these peer-LTK associations in both cases (Legacy Pairing and Secure Connections) ?

Thanks in advance.

Related