Is there any inbuilt security while exchanging data after connecting to a Bluetooth LE device using this method? Here I wanted to be clarified about the following -
1. Is the communication channel is secured after device gets connected (but not pared/bonded yet)?
Or
2. Is it mandatory to bond/pair the BLE device (using createBond()) to make the communication secured?
I had a look into the following thread, and the question 4 seems similar to my question.
Bluetooth Low Energy encryption and data safety
But the answer differs in different response. Please respond if anyone has clarity on this.
Regards,
Paul
No, the pairing process is seperate from the connection procedure in LE. You could be connected and exchange data without pairing.
When you say secured, do you mean encrypted? There are different features in LE security. You could sign and add integrity without pairing.
Data enncryption requires pairing, regardless of using Secure Simple Pairing or LE Secure Connections.
Related
I am trying to create an iPhone and Android application that accesses a device with sensitive personal information, such as a body composition analyzer, via BLE (Bluetooth Low Energy).
At that time, it is problematic if anyone can read the device's information, so we are thinking of creating the following mechanism.
Some users of the body composition analyzer will store their passwords and usernames in the device.
Reading from the app via BLE is only possible if the username/password combination is correct
I know that if Bluetooth Classic is available, this can be done using SPP communication, but since SPP is not available from the iPhone, it must be done via BLE.
However, since BLE Peripheral data can be read by anyone with an app like nRF Connect during advertisements, is BLE not suitable for this kind of application?
Is it possible to create such an authentication system with BLE? If so, what kind of mechanism is possible?
If the pairing model and I/O capability requirements offered by standard BLE pairing does not fit for you, you will need to treat the BLE communication as a generic public (non secure) channel. On top of this you can put any type of generic security mechanism that fits your needs such as TLS or any PAKE.
So far I am able to do things two different ways.
I can advertise a service on the Pi, connect from an Android app, and read/write characteristics. From my understanding, this communication is not encrypted.
I have been able to do the same thing adding pairing and bonding to the mix. I advertise a service on the Pi with an agent, connect from an Android app, and as soon as I try to read/write a characteristic I get a prompt on my phone asking to pair. From my understanding, after pairing is succesful the communication is encrypted.
That last part is great. However, I am looking to pair without bonding, mainly because I don't want to end up with a huge list of devices on my bluetooth settings. Android seems to use this term interchangeably, which just makes everything more confusing.
I know it's possible to do it as per this video. I just haven't figured out how to actually do it myself.
Any help is appreciated.
This is totally possible according to the Bluetooth protocol specification. If at least one device sets "bonding flags" to "no bonding" in the AuthReq field of the Pairing Request or Pairing Response, no bonding information shall be permanently stored.
If you're using BlueZ, I'm not sure if it allows you to configure this though.
For Android, people report that Android does not respect this flag and creates a bond anyway (Why does Android bond even when asked not to bond?).
Technically speaking, pairing is the process of exchanging the keys with a remote device, while bonding is the process of storing these keys. Some devices use the terminology "pairing" to indicate the the keys are exchanged and the connection is encrypted, but the keys will not be stored for future use. On Android this is not possible as far as I'm aware, and you always need to store the keys. This can be seen in the link below (see the section Bonding with a BLE Device):-
The Ultimate Guide to Android BLE
Some other useful links:-
Android BluetoothDevice API
Should One Create a Bond with a BLE Device
BLE Pairing and Bonding
I am working on a Flutter app that connects to a bluetooth IOT device. I am using the flutter_blue library. This library allows for the scanning of nearby bluetooth devices. Based on that scan you can "connect" to a device. There is no concept of pairing to a device.
From my previous experience using bluetooth on my phone (when connecting to my car and my bluetooth speaker), I have to pair the device at the Android OS.
I am curious, from a high level, what are the differences between pairing a device vs connecting to a device. In addition, more specifically, what is the difference between pairing a device within the OS, vs scanning and connecting to the device from an app?
At a high level, you will always use "connect" to connect to a device, but you may have to "pair" the devices first. Bluetooth pairing is a security procedure. A one-off provisioning step that equips the two devices in a pairing with a series of shared security keys which allow communication to be encrypted.
A Bluetooth Low Energy device can have three levels of security, the lowest of which pairing is not required, and then two levels that require pairing.
A device opting to use No Pairing provides the greatest simplicity but obviously, no security. Communication is not encrypted and any other device can connect.
The two pairing method that can be used provide the same level of security when connected. However, during the pairing procedure itself, one of the two methods is more secure than the other.
Passkey Pairing is the most secure of the two procedures and requires a 6 digit number to be entered. This offers protection against machine-in-the-middle (MITM) attacks.
Just Works Pairing is not as secure but it does not require you to enter anything and therefore is very simple to use.
Once a pairing is established, then connection can happen without the need to establish pairing every time.
More detailed explanation of the pairing options are available at:
https://www.bluetooth.com/blog/bluetooth-pairing-part-1-pairing-feature-exchange/
According to the Bluetooth Core Specification Version 5.2 | Vol. 1, Part A, Chapter 5.1 pairing is defined as
the process for creating one or more shared secret keys
The keys themselves are not shared but established using a procedure called Diffie-Hellman key exchange. This means that pairing is only necessary if a connection is encrypted. If you connect to a device that requires security measures on one of its characteristics Android will prompt the user of your app with a pairing request automatically.
Another term you might have heard is bonding, which is defined as:
the act of storing the keys created during pairing for use in subsequent connections in order to form a trusted device pair
Bonding allows a reconnection of your devices without another pairing process since the keys have been established before.
When using Bluetooth Low Energy (BLE) pairing a Device manually within the OS is not needed. You can always scan for a device that advertises its presence. As I said before: Pairing is handled by the OS automatically if needed.
We have a BLE device and android/ios app for communication with the device.
The requirement is to have an android/ios app connect to the device without any pairing request. No security is required on the device.
Hereafter a few questions around this:
Q1. Is it possible at all to have an android/ios app connect to a BLE
device without a pairing request?
Q2. Does the bonding required for
the BLE communication?
Q3. What is the downside of having the device
with no bonding? Is it going to drop the connection while the app is
running?
Q4. Who is the initiator or pairing dialog, the app, or the
device?
Q5. When having the device with Just Works security protocol,
with no bonding and no MITM protection, should we see a pairing
dialog?
Please see answers to your questions below:-
A1. Yes it is possible to do this because pairing and connection are two separate actions. Connection is when you establish a communication channel with a remote device, while pairing is when you exchange security keys with the device and have the option of encrypting that connection.
A2. No, pairing/bonding is not required for BLE communication but it is preferred in order to have extra features and extra security on that connection.
A3. No, having no bonding does not affect the stability of your connection/communication. There are a few downsides which include less security on the connection and also potential inability to find the device if privacy is implemented. More details are provided in the link below.
A4. The app is the initiator of the pairing dialog. Specifically, the central device (the one that initiates the connection) is the one that is responsible for initiating pairing. When this central device requests to pair to the remote device, the pairing dialog is shown.
A5. I believe this is dependent on the OS type (Android/iOS) and the version number of that OS, but generally speaking the pairing dialog should not pop up because as the name suggests, it should just work. Pairing dialog pops up when MITM protection is requested.
You can find more details about pairing/bonding and general BLE communication is the answer below:-
Should one create a bond with a Bluetooth LE device
I would also recommend trying the nRF Connect app on both iOS and Android to see the difference between connection and bonding and to verify that you can have normal connections without pairing.
Based on what we got working and based on the answers to this question.
A1: Yes, it's possible if no MITM is set and the Security scheme is set to Just Works, which means no security at all.
A2: Bonding is not required for BLE communication. If the BLE device can't store the Bond information, it may lead to some issues as we got in our case. If the BLE device is able to store and use Bond information then it's recommended to Bond.
A3: The Connection will not be closed. The only downside we got is that now it takes a little more time to reconnect.
A4: The app is initiating the connection, but the dialog is shown only if the BLE device requests some type of security, it can be MITM, encryption, pin. Short answer, the pairing dialog can be avoided by changing the settings on the BLE device.
A5: When having the device with Just Works security protocol, with no bonding and no MITM protection the pairing dialog should not be presented. We got no pairing dialog experience on both iOS and Android.
To add to Youssif's answer:
A3: one difference is that connection setup will be faster since bonding allows the GATT db cache to be used. Otherwise service rediscovery must be done on every connection (if the service changed characteristic is present).
A4: on Android you can call createBond to start pairing, but on iOS there is no API for the security, so either you need to interact with a characteristic that sends an error that pairing is needed, or the remote device can send a Security Request to initiate pairing.
A5: iOS shows a dialog "accept / abort" for just works, Android doesn't.
There isn't much documentation in regards to setting up a pin with a Bluetooth Low Energy peripheral device. In my Gatt service I have set the BluetoothGattCharacteristic.PERMISSION_WRITE_ENCRYPTED_MITM and receive a GATT_INSUFFICIENT_PERMISSION message in my log upon attempting to write to the Bluetooth Write Characteristic I have set up. I was wondering what the process is for enabling encryption for the peripheral.
Thanks
Bluetooth LE requires to devices to be bonded (paired) before they can successfully encrypt transmissions used to read/write a given characteristic. Android does not handle this process for you, so you will need to initiate pairing between the two devices before any GATT transactions are attempted.
With the current Android Things previews, development of the Settings app (which generally handles much of the device pairing process) is heavily in flux. As such, traditional workflows for pairing a device are likely not to work at the moment until these changes are complete.
You could try initiating a pairing request from your Android Things device via createBond(), listening to the ACTION_PAIRING_REQUEST broadcast, and applying the necessary PIN code with setPin(). Some combination of those may work for you in the short term until a more official solution is available.