STM32WB BLE Secure Connections Overview

Slide Note
Embed
Share

This detailed content provides insights into the secure connections in STM32WB BLE devices, covering aspects such as BLE security methods, encryption techniques, pairing processes, key distribution, and security modes and levels. It emphasizes the use of Long Term Keys (LTK), Diffie-Hellman key exchange, Elliptic Curve Diffie-Hellman cryptography, and various security modes for link and application layers in BLE devices. The content explains the transition from legacy BLE connections to the more secure LE Secure Connections, highlighting the use of stronger security features in BLE 4.2 devices and above.


Uploaded on Sep 20, 2024 | 0 Views


Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript


  1. STM32WB BLE Secure Connections (BT 4.2/5.0 (2M))

  2. BLE Security 2 BLE uses 4 pairing methods: Just Works Out of Band Passkey Entry Numeric comparison (only secure connections) 4.2 BLE uses 2 security levels: Legacy Pairing Short Temporary Key (STK). STK will be created to encrypt connection. Then, if bonding, LTK will be used for subsequent connections. Secure Connections Long Term Key (LTK). LTK will be created to encrypt connection and then exchange using Public Key Exchange (Diffie-Hellman)

  3. LE Pairing with Secure Connections Encryption 3 Peripheral (slave) Central (master) Pairing Request Phase I Pairing Response Public Key Exchange (Diffie-Hellman) Phase II Authentication Stage 1 (just works,#comparison,passkey,OOB Authentication Stage 2 (LTK computation) Establish LTK-based Encryption Key Distribution(IRK,CSRK) Phase III Key Distribution(IRK,CSRK)

  4. Authentication stage 1 (# comparison) 4

  5. Secure Connection (4.2 devices and above) 5 BLE 4.2 devices are backwards compatible with BLE 4.0 and 4.1 devices. BLE 4.2 are also capable of creating LE Secure connections. Instead of using a TK and STK, LE Secure Connections use a single Long Term Key (LTK) to encrypt the connection. This LTK is exchanged/generated using Elliptic Curve Diffie Hellman (ECDH) public key cryptography which offers stronger security compared to the original BLE key exchange protocol. In LE Secure Connections, both phase one and phase three of the pairing process are the same as they are in LE Legacy Connections. The differences occur during phase two of the pairing process. Both devices generate an ECDH key pair. The two devices will then exchange their public keys and then start exchanging values to generate LTK.

  6. Security Modes and Level 6 LE security Mode 1 (Link Layer): 1 no security 2 unauthenticated pairing with encryption 3 authenticated pairing with AES-CCM for link encryption 4 authenticated LE secure connections pairing with encryption. Use of Elliptic Curve Diffie-Hellman (ECDH) for Public Key generation and AES-CCM for link encryption. Authenticated Pairing Pairing is performed with MITM protection Unauthenticated Pairing Pairing is performed without MITM protection LE security Mode 2 (ATT layer): not implemented

  7. SECURITY AND NVM (example) 1/3 7 Peripheral (slave) Central (master) Device initialization aci_gap_IO_capability (keyboard/display) aci_gap_IO_capability (keyboard/display) aci_gap_set_auth_requirement (MITM, fixed pin=0x000012354, bonding=1,SC_Support=0x00) aci_gap_set_auth_requirement (MITM, no fixed pin, bonding=1,SC_Support=0x00) Create connection aci_gap_set_discoverable Aci_gap_create_connection CONNECT_REQ connection_complete connection_complete Pairing/ authentication/ encryption aci_gap_send_pairing_req aci_gap_pass_key_req_event aci_gap_pass_key_resp (0x00001234) hci_encryption_change(encryption enabled) hci_encryption_change(encryption enabled) event_blue_gap_pairing_complete event_blue_gap_pairing_complete

  8. SECURITY AND NVM (example) 2/3 8 Peripheral (slave) Central (master) aci_gap_terminate Bonded devices - Keys are stored in RAM and in Flash disconnection_complete_event disconnection_complete_event aci_gap_set_discoverable Aci_gap_create_connection Aci_gap_send_pairing_req (no force rebond) hci_encryption_change(encryption enabled) hci_encryption_change(encryption enabled) event_blue_gap_pairing_complete event_blue_gap_pairing_complete aci_gap_terminate disconnection_complete_event disconnection_complete_event

  9. SECURITY AND NVM (example) 3/3 9 Peripheral (slave) Central (master) Unplug (or HW reset) one or both devices Device initialization aci_gap_set_discoverable Aci_gap_create_connection Aci_gap_send_pairing_req (no force rebond) Bonded devices Keys are stored in RAM and in Flash hci_encryption_change(encryption enabled) hci_encryption_change(encryption enabled) event_blue_gap_pairing_complete event_blue_gap_pairing_complete aci_gap_terminate disconnection_complete_event disconnection_complete_event

  10. EXAMPLE LE security mode1 level4 1/3 10 Peripheral (slave) Central (master) aci_gap_IO_capability (display yesno) aci_gap_IO_capability (display yesno) aci_gap_set_auth_requirement (MITM, no fixed pin, bonding, SC_Support=SC only mode) aci_gap_set_auth_requirement (MITM, no fixed pin, bonding, SC_Support=SC only mode) aci_gap_set_discoverable ADV_IND . . aci_gap_create_connection (peripheral address) CONNECT_REQ Aci_gap_proc_complete_event Aci_gap_proc_complete_event

  11. EXAMPLE LE security mode1 level4 2/3 Pairing features exchange 11 Central (master) Peripheral (slave) PAIRING REQUEST(IO capability, AuthReq, Initiator key distribution, Responder key distribution) aci_gap_send_pairing_req PAIRING RESPONSE(IO capability, AuthReq, Initiator key distribution, Responder key distribution) Pairing Public key Pairing Public key PAIRING CONFIRM (confirm value calculated using the confirm value generation function)

  12. EXAMPLE LE security mode1 level4 3/3 12 Central (master) Peripheral (slave) PAIRING RANDOM (random value used to calculate the confirm value=Mrand) PAIRING RANDOM (random value used to calculate the confirm value=Srand) Pairing DHKey Check Pairing DHKey Check Aci_gap_numeric_comparison_value_event Aci_gap_numeric_comparison_value_event aci_gap_numeric_comparison_value_ confirm_yes_no(yes) aci_gap_numeric_comparison_value_ confirm_yes_no(yes) aci_gap_pairing_complete_event Encryption enabled aci_gap_pairing_complete_event Encryption enabled

Related


More Related Content