Re: Securing BLE device Services & Characteristics from unauthorized user


Luiz Augusto von Dentz
 

Hi Vikrant,

On Mon, Feb 12, 2018 at 2:34 PM, Vikrant More <vikrant8051@gmail.com> wrote:
Hello World !!

Suppose there is BLE device with following custom characteristics -
1. main
2. enc_text
3. plain_text
4. aes_key

"enc_text" characteristic receives 16 bytes of encrypted string.

"plain_text" characteristic receives 16 bytes of plain string.

"aes_key" characteristic receives 16 bytes of AES key.

int bt_encrypt_le(constu8_t key[16], const8_t plaintext[16], u8_t
enc_data[16])

Using this function I'm planning to encrypting received plain string & gonna
compare its output with
received encrypted string.

If both matches, then only "main" characteristic accepts data from client.

But what type of AES encryption is used behind this bt_encrypt_le( ) ?

How to disconnect BLE connection from BLE Device side ?

I wanna show "aes_key" characteristic only after device is in factory-reset
mode.
Once it receive AES key from user, it should disappear. How to do that ?
You will have to add a service containing the characteristic which
probably comes from a different application than the 'normal' mode,
now regarding the AES key exchange I don't think that would be secure
enough so you might as well just add a characteristic that requires
encryption and then once the app attempts to write triggers pairing,
if that manages to create a valid key and write is complete, it can be
any value really since it will be protected by having to pair, then
you can restart on normal mode.


Thanks !!




_______________________________________________
Zephyr-users mailing list
Zephyr-users@lists.zephyrproject.org
https://lists.zephyrproject.org/mailman/listinfo/zephyr-users


--
Luiz Augusto von Dentz

Join users@lists.zephyrproject.org to automatically receive all group messages.