Bluetooth: Mesh: about avoiding cloud storage


vikrant8051 <vikrant8051@...>
 

Hi,
Assume 

1) #BluetoothMesh provisioner App is creating NET & APP key using end-user @username & some unforgettable pass-phrase.

2) as app get un-installed, no relevant file will present on local storage. 

3) no hardware mechanism to push NODE into factory reset mode.

In this case, even app get un-installed then fresh one could create same NET-APP key pair.

Can I send encrypted message on ADV-Bearer to unprovisioned all NODEs in vicinity to their configuration Server (by selecting destination addr. as 0xFFFF) using freshly installed App?

Is there any chance so that we could avoid cloud storage with "ANY" Bluetooth Mesh implementation without going against SIG specification for above mentioned assumptions ?

Thank You !!


laczenJMS
 

Hi Vikrant,

I think it is a bad idea to have this kind message to put the device
back into unprovisioned state. Anyone who is using this app with your
devices could take over all your devices by using your procedure, and
this person even does not need physical access to the devices.

I would say every device has some kind of hardware mechanism available
to put it into an unprovisioned state. Even if you have no physical
button you could work as follows: to put the device in unprovisioned
state you need to cycle the power to it for at least 10 times. The
power should stay on for 2 seconds but less than 4 seconds. After 2
seconds you increment the counter, after 4 seconds you reset it to 0.
When the counter reaches 10 the device goes into unprovisioned state.
You can change the counter and times to fit your needs.

Hope this helps,

Jehudi