Topics

[Zephyr-users] #BluetoothMesh guest key implementation #bluetoothmesh


Johan Hedberg
 

Hi Vikrant,

On Fri, Apr 20, 2018, vikrant8051 wrote:
https://www.bluetooth.com/bluetooth-technology/topology-options/le-mesh/mesh-faq

As per this link, under the heading of #VisitorAttacks we could see :

"*Visitor attacks* are prevented by giving guests and visitors temporary
and limited access to the network using a separate set of keys. These guest
keys have a limited lifetime."

How to implement guest key concept with #ZephyrBluetoothMesh ?
It's more of a provisioner issue than a Zephyr issue. On the Zephyr side
all you need to do is make sure your configuration allows at least two
network keys. Then you need to make your provisioner add the key to all
nodes, including the guest node, for the duration that you want the
guest to have access, and then go and remove the key from all nodes once
you want to revoke access (it doesn't matter if the guest is not around
anymore since no other node has that key). You'd probably also want to
do the same thing with the application key, i.e. use a separate one for
the guest (I think that's what's meant by "set of keys" instead of
talking about a single key).

Johan