Other Parts Discussed in Thread: AES-128
Hi,
We are now using CC2564C with TI Bluetopia stack in our product, and our security team want to confirm the secirity level of SPP that the BT Protocol stack use.
I have search for the SSP - Security Simple Paring:
the security levels :
- Security Level 1 supports communication without security at all, and applies to any Bluetooth communication, but think of it as applying to unpaired communications.
- Security Level 2 supports AES-CMAC encryption (aka AES-128 via RFC 4493, which is FIPS-compliant) during communications when the devices are unpaired.
- Security Level 3 supports encryption and requires pairing.
- Security Level 4 supports all the bells and whistles, and instead of AES-CMAC for encryption, ECDHE (aka Elliptic Curve Diffie-Hellman aka P-256, which is also FIPS-compliant) is used instead.
Then the security modes:
- Security Mode 1 is those levels without signing of data
- Security Mode 2 is those same levels with signing of data, including both paired and unpaired communications.
- Mixed Security Mode is when a device is required to support both Security Mode 1 and 2, i.e., it needs to support signed and unsigned data.
So please point out which option the current Bluetopis stack is used, thanks a lot!
Regards
Shawn
