CC2650MODA: BLE 4.2 Security on Dual MCU Solution (MSP432+CC2650MODA)

Part Number: CC2650MODA
Other Parts Discussed in Thread: CC2640, CC2640R2F, CC2650

Hello all,

I have a project that utilizes the TI dual MCU solution, MSP432 + CC2650MODA (SNP firmware), which acts as a BLE peripheral.
The BLE central would be an Android or iOS smartphone in my project scheme.

Security is one of the key requirements of my project. I am also quite new to this BLE world, but I have slight experience with cryptography on embedded systems, such as PolarSSL.
So I tried to find as much information as I could about the BLE 4.2 security features and also read the limitations for SNP in the CC2640 SNP API Guide, but I need help to verify and clarify my understanding of this whole thing.

My project obviously requires the peripheral to have no input or output, and from what I read this leaves me with the Just Works association model, which results in unauthenticated communication and no Man In the Middle (MITM) protection.
However, the pairing process of Just Works is said to be the same as Numeric Comparison except for the last 6 digits that should be verified, which is not performed in Just Works.

So my questions are:

  1. I wonder, for the Just Works case, especially in regard to this dual MCU solution, does this mean that the ECDH process in pairing is automatically performed by the CC2650MODA (in its stack)?

  2. What about the end of the pairing process, which results in the Long Term Key calculation; is there any SNP API that I can use to get the LTK?
    I only found SNP Set Security Parameter and SNP Set Authentication Data, but it seems that they have nothing to do with keys; please advise if that is not true.

  3. If I set the security request in SNP Set Security Parameter, then I will do LE Secure pairing with the Just Works association model.
    Does it also imply that my data communication through GATT is encrypted? (I think I will buy a BLE sniffer to verify this one.)

  4. Since this leaves me with unauthenticated communication due to Just Works, is there any advice on how to achieve authenticity?
    Should I implement my own authentication, or maybe key management/distribution, at the application layer by utilizing a cryptographic library (ported to MSP432) and creating a data exchange (key, user input, random nonce, etc.) through a characteristic at the GATT layer?

Pardon me for the long post; I hope you all have a good day.

Best regards,
Pranata

  • Hi Pranata,

    Whether you do pairing from an embedded single BLE MCU or dual-chip network processor configuration, the LE pairing (Secure Connections or Legacy) is handled by the BLE processor since both the BLE Host & Controller execute on the CC2650 / CC2640R2F. The LTK is stored locally on the wireless MCU bond manager, so there is no API or need to retrieve the LTK.

    If you configure your GATT characteristic(s) to require encryption, then pairing must be completed and encryption enabled before the client can access that characteristic.

    If you are not using an authenticated LE pairing association model for MITM protection, then you would need to define this at the application layer, such as how you have described with a custom GATT service. We don't provide examples of this, but you can exercise the available crypto functions on the device to define and implement your application.

    Best wishes
  • Hi JXS,

    Thank you, that was very helpful in clearing up my understanding.
    I think, since I don't have any other option besides Just Works, I will try to create a challenge-response method on a custom GATT characteristic for authentication.

    I will look at the crypto library that you provide.

    Thank you,
    Pranata
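The application-layer authentication that JXS suggests and that Pranata plans to build (a challenge-response over a custom GATT characteristic) can be sketched as a message exchange. The block below is an added example, not TI code, not SNP API code, and not the poster's implementation; it models the MSP432 application behind the CC2650MODA as a `Peripheral` and the smartphone app as a `Central`, and passes the bytes between them in Python exactly as they would travel in a GATT read of a "challenge" characteristic and a GATT write of a "response" characteristic. It assumes both sides were provisioned with the same 32-byte pre-shared key, that HMAC-SHA256 is available on the MSP432 from the ported crypto library, and that the characteristic UUIDs are placeholders chosen by the application. The example goes slightly beyond the thread: it authenticates both directions (so the phone also learns it is talking to the genuine device), binds each response to a single-use nonce to stop replays, and locks out after repeated failures.

```python
"""Mutual challenge-response over a custom GATT characteristic (added example).

Not TI code and not the SNP API. Assumptions (not from the thread):
  * both sides hold the same 32-byte pre-shared key (PSK), provisioned out of band
  * HMAC-SHA256 is available on the MSP432 via a ported library (e.g. mbedtls)
  * CHALLENGE_UUID / RESPONSE_UUID are hypothetical placeholders
"""
import hashlib
import hmac
import secrets

CHALLENGE_UUID = "PLACEHOLDER-CHALLENGE-CHAR-UUID"   # read: peripheral -> central
RESPONSE_UUID = "PLACEHOLDER-RESPONSE-CHAR-UUID"     # write: central -> peripheral
NONCE_LEN = 16   # bytes of fresh randomness per attempt
TAG_LEN = 32     # HMAC-SHA256 output
MAX_FAILURES = 5 # lock the peripheral after this many bad responses


def auth_tag(psk: bytes, role: bytes, nonce_p: bytes, nonce_c: bytes) -> bytes:
    """HMAC over both nonces; the role label keeps a central's tag from being
    reflected back as a peripheral's tag (and vice versa)."""
    return hmac.new(psk, role + nonce_p + nonce_c, hashlib.sha256).digest()


class Peripheral:
    """MSP432 application logic behind the SNP; state machine for one link."""

    def __init__(self, psk: bytes):
        self.psk = psk
        self.nonce = None          # outstanding challenge, None when consumed
        self.failures = 0
        self.authenticated = False

    def read_challenge(self) -> bytes:
        """Served on a GATT read of CHALLENGE_UUID: a fresh nonce per attempt."""
        if self.failures >= MAX_FAILURES:
            raise PermissionError("authentication locked out")
        self.nonce = secrets.token_bytes(NONCE_LEN)
        self.authenticated = False
        return self.nonce

    def write_response(self, payload: bytes):
        """Handles a GATT write to RESPONSE_UUID: payload = nonce_c || tag_c.
        Returns the peripheral's own tag on success, None on failure."""
        if self.nonce is None or self.failures >= MAX_FAILURES:
            return None
        nonce_p, self.nonce = self.nonce, None   # single use: consumed either way
        if len(payload) != NONCE_LEN + TAG_LEN:
            self.failures += 1
            return None
        nonce_c, tag_c = payload[:NONCE_LEN], payload[NONCE_LEN:]
        expected = auth_tag(self.psk, b"central", nonce_p, nonce_c)
        if not hmac.compare_digest(expected, tag_c):   # constant-time compare
            self.failures += 1
            return None
        self.failures = 0
        self.authenticated = True
        return auth_tag(self.psk, b"peripheral", nonce_p, nonce_c)


class Central:
    """Smartphone side: answers the challenge and checks the device's reply."""

    def __init__(self, psk: bytes):
        self.psk = psk
        self.nonce_p = self.nonce_c = None

    def respond(self, nonce_p: bytes) -> bytes:
        self.nonce_p = nonce_p
        self.nonce_c = secrets.token_bytes(NONCE_LEN)
        return self.nonce_c + auth_tag(self.psk, b"central", nonce_p, self.nonce_c)

    def verify_peripheral(self, tag_p) -> bool:
        if tag_p is None:
            return False
        expected = auth_tag(self.psk, b"peripheral", self.nonce_p, self.nonce_c)
        return hmac.compare_digest(expected, tag_p)


def run_handshake(peripheral: Peripheral, central: Central) -> bool:
    """One full exchange: read challenge, write response, check device reply."""
    nonce_p = peripheral.read_challenge()            # GATT read
    tag_p = peripheral.write_response(central.respond(nonce_p))  # GATT write
    return peripheral.authenticated and central.verify_peripheral(tag_p)


if __name__ == "__main__":
    psk = secrets.token_bytes(32)  # constructed for the demo; provision for real
    print("same key:", run_handshake(Peripheral(psk), Central(psk)))
    print("wrong key:", run_handshake(Peripheral(psk), Central(b"\x00" * 32)))
```

Two points worth keeping in mind when carrying this over to the real device: the peripheral's `authenticated` flag should gate the application's handling of every other characteristic (the SNP only enforces link encryption, not this application-layer state), and the PSK still has to reach the phone over some channel other than the unauthenticated BLE link, otherwise the scheme adds nothing over Just Works.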