How will a hacker hack/impact my BLE device, when ...??


Vikrant More <vikrant8051@...>
 

Hi,

In my current project, I haven't implemented OOB pairing (BLE-based smart lights).

Using Zephyr's built-in ECDH library, a shared secret (using the secp256r1 curve) gets created on the DEVICE as well as on the APP side, which will act as the encryption key for further communication.

On that encrypted link, the APP sends an encryption key which is common to all devices associated with it.

All this happens when the DEVICE is in factory-reset mode.

Thereafter the communication link is encrypted using the newly assigned common key.

........................................................................................................................

This will create a security risk only if the device is not authenticated by the user & it could transfer the security key (which is common to many devices) to an unauthorized device.

To solve this, the APP will automatically trigger the DEVICE's LEDs to blink & ask the user "Do you see the blinking LED?"

If the user clicks on "YES", then & only then will the ECDH process initiate & the common key get shared with the new DEVICE.

------------------------------------------------------------------------------------------------------------------------

Besides this, I didn't find any security flaw in this implementation. So I need help from a Bluetooth security expert. Is there anyone who can help me find out flaws & security risks in my current implementation?

Thanks,
vikrant8051
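The provisioning sequence described in the post, worked end to end as an added example. This is editor-written illustration code, not the poster's firmware and not Zephyr's ECDH library: it implements secp256r1 in plain Python so it runs offline, derives the link key from the ECDH shared secret with HKDF-SHA256 (the post does not say how the secret becomes a key), and stands in for the link cipher with an HMAC-SHA256 keystream plus tag. The function names (`provision`, `provision_with_mitm`, `seal`, `unseal`), the 16-byte common key and the HKDF info string are all assumptions made for the example.

```python
# Added example (not the poster's or Zephyr's code): the described pairing flow in pure Python.
# Assumed, not from the post: HKDF-SHA256 key derivation; link encryption modelled by a
# one-block HMAC-SHA256 keystream plus HMAC tag (messages of at most 32 bytes).
import hashlib
import hmac
import secrets

# secp256r1 (NIST P-256) domain parameters: prime, curve coefficients, base point, order
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551

def ec_add(p1, p2):
    """Affine point addition on P-256; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # Q + (-Q) = infinity
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, P - 2, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def ec_mul(k, point):
    """Double-and-add scalar multiplication (illustration only: not constant-time)."""
    result, addend = None, point
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result

def keygen():
    """Random private scalar in [1, N-1] and the matching public point."""
    d = secrets.randbelow(N - 1) + 1
    return d, ec_mul(d, G)

def hkdf_sha256(ikm, info):
    """HKDF-SHA256 (RFC 5869) with an all-zero salt, one 32-byte output block."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()

def ecdh_link_key(own_priv, peer_pub):
    """Link key = HKDF(x-coordinate of own_priv * peer_pub); rejects points off the curve."""
    x, y = peer_pub
    if (y * y - (x * x * x + A * x + B)) % P != 0:
        raise ValueError("peer public key is not on secp256r1")
    shared = ec_mul(own_priv, peer_pub)
    return hkdf_sha256(shared[0].to_bytes(32, "big"), b"ble-link-key")

def seal(link_key, plaintext):
    """Stand-in link encryption: XOR with an HMAC keystream, then an HMAC tag over nonce||ct."""
    nonce = secrets.token_bytes(16)
    stream = hmac.new(link_key, b"enc" + nonce, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + ct + hmac.new(link_key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(link_key, blob):
    """Verify the tag in constant time, then strip the keystream."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(link_key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("bad tag")
    stream = hmac.new(link_key, b"enc" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, stream))

def provision(user_confirmed_led):
    """The post's flow: LED prompt gates ECDH, then the common key goes over the link.
    Returns (key as received by the device, key the app sent), or None if the user said NO."""
    if not user_confirmed_led:
        return None
    app_priv, app_pub = keygen()
    dev_priv, dev_pub = keygen()
    app_key = ecdh_link_key(app_priv, dev_pub)   # public keys cross the air in the clear
    dev_key = ecdh_link_key(dev_priv, app_pub)
    common_key = secrets.token_bytes(16)         # constructed: the key shared by every light
    return unseal(dev_key, seal(app_key, common_key)), common_key

def provision_with_mitm():
    """Same flow, but an active attacker swaps both public keys in transit after the LED prompt.
    Returns (key the device ends up with, key the attacker learned, key the app sent)."""
    app_priv, app_pub = keygen()
    dev_priv, dev_pub = keygen()
    mitm_priv, mitm_pub = keygen()
    app_key = ecdh_link_key(app_priv, mitm_pub)  # app believes mitm_pub is the device
    dev_key = ecdh_link_key(dev_priv, mitm_pub)  # device believes mitm_pub is the app
    common_key = secrets.token_bytes(16)
    stolen = unseal(ecdh_link_key(mitm_priv, app_pub), seal(app_key, common_key))
    relayed = unseal(dev_key, seal(ecdh_link_key(mitm_priv, dev_pub), stolen))
    return relayed, stolen, common_key
```

`provision` is the happy path as the post lays it out: LED confirmation, then ECDH, then the common key sent on the freshly keyed link. `provision_with_mitm` runs exactly the same steps with an attacker in the radio path who replaces each side's public key with their own: both honest parties still compute matching link keys with their peer, the tag still verifies, and the common key still reaches the device, so neither end can tell from the exchange alone that a third party now holds it. That is the standard property of an unauthenticated Diffie-Hellman exchange, which is why Bluetooth LE Secure Connections follows the P-256 exchange with an authentication stage (numeric comparison, passkey entry or OOB) that ties the exchanged public keys to what the user confirms; a yes/no LED prompt that happens before the exchange and is not mixed into it does not provide that binding.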