Hi! I am using SDK15 to develop an application for nordic chip which won't be using any kind of display nor keyboard input, so probably I'm gonna go for static passkey option. I can't also use OOB.
My requirements are to:
a) authenticate devices wanting to connect to my chip and disallow them to or at least prevent them from accessing services without pairing,
b) assure certain level of encryption confidential data sent, so noone can sniff them
I have seen some posts saying that static passkey doesn't provide much protection and it doesn't work with LESC.
1. Is it true that every attempt to guess passkey reveals one bit of the key? So after a few attempts anyone is able to read my confidential characteristics attributes? Or am I messing the security key with the passkey?
Offline Emil Lenngren 11 months ago in reply to Ulrich Myhre You should ask yourself what your security goals are (and tell us). As Ulrich mentioned, a passkey in the legacy pairing adds almost no security. In the LESC model, a static passkey adds no security at all since each failed attempt reveals 1 bit of the key, so you can crack it in on average 10 attempts.
2. I realize that knowing the static passkey makes it possible to decipher the data sent over air, for example with sniffer. What condition has to be met in order to do this? Eavesdropping during pairing, during connecting with already bonded device or anytime the connection is alive?
3. Is there an option for blacklisting devices, I mean for those trying to bruteforce passkey? For example insert wrong passkey three times in a row and don't accept connection from them anymore or something like that.
4. As I have read that LESC doesn't work with static passkey. Here's what I did just now:
ble_app_multirole_lesc with
#define SEC_PARAMS_IO_CAPABILITIES BLE_GAP_IO_CAPS_DISPLAY_YESNO
<info> app: CENTRAL: BLE_GAP_EVT_AUTH_STATUS: status=0x0 bond=0x1 lv4: 1 kdist_own:0x3 kdist_peer:0x2
when I changed iocaps to display_only despite my device having no display:
#define SEC_PARAMS_IO_CAPABILITIES BLE_GAP_IO_CAPS_DISPLAY_ONLY
and
gap_params_init(){ ... ... ... uint8_t passkey [] = "123456"; ble_opt_t passkey_t; passkey_t.gap_opt.passkey.p_passkey = &passkey[0]; err_code = sd_ble_opt_set(BLE_GAP_OPT_PASSKEY, &passkey_t); APP_ERROR_CHECK(err_code); }
<info> app: CENTRAL: BLE_GAP_EVT_AUTH_STATUS: status=0x0 bond=0x1 lv4: 1 kdist_own:0x3 kdist_peer:0x2
The logger output is exactly the same. Does that mean I have used static passkey to successfully protect my device from MITM attack (with ECC) and assured authentication?