RTOS: CC2640: Security on my device

Other Parts Discussed in Thread: CC2640, CC2640R2F

Tool/software: TI-RTOS

Hi everyone, I'm working with the CC2640 and with the project-zero. I read the various documentation of the SDK and I implemented the various security possibilities. Now my device is set to a default PASSKEY 0000, but I have several questions to ask you. I would like to access that device with the ability to change the password and, therefore, have more security. For example, I turn on the device, I open the APP, I connect and insert the default pass. Then Max comes and wants to access that device, but I do not want that by default.

I thought about these solutions:

1) When I press the device button, it generates a random 4-digit password and takes the place of the default one
2) Change the password from APP
3) Create various passwords in the code and I will take a random request

What do you recommend? What could be the simplest solution? Also, is such a thing feasible?

  • Hi,

    Are you using the CC2640 or the CC2640R2F? What SDK are you using?

    I'm a little curious as to what you're trying to do and there might be a misunderstanding here. The passcode is only used for the initial pair. Once the phones have paired and bonded and shared secrets, they will automatically connect and re-encrypt using the previously shared encryption information. Are you wanting to rebond every single time?

    I'm also not sure this would add more security, as the most vulnerable time in a BLE application for people listening in is when the devices pair for the first time. Subsequently, if the shared keys are used to re-encrypt the link, eavesdroppers are less likely to decode what's going on.

    I recommend going through the security fundamentals lab as well on SimpleLink Academy. dev.ti.com/.../
  • Good morning, I am working with CC2640R2F and its SDK development and I'm trying out the security hierarchies. I created a custom board CC2640R2F 4x4 and I'm creating a project with Bluetooth to open and close a control unit with the remote control. As a security level I would like that for every device I program, it must have its own security password for pairing to the smartphone. My idea was the default 0000 at the first connection, then I pressed a button and generated a random password for the next connection, so no one knows my password.
  • Hi Mark,

    First, you can use a random number generator to create any number that you wish in the device and can display a random passcode. This is highly suggested, rather than always defaulting to 00000 at the beginning for new devices.

    Second, the passcode is not a unique password that will be given to connect every time you connect. Once a device pairs and bonds the first time using a passcode, the devices will share encryption keys and be able to re-encrypt the link on the next connection without prompting passcode entry options.
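
The random passcode suggested in the last reply, as an added example that is not part of the original thread and not TI SDK code: it draws a uniform 6-digit BLE passkey (000000 to 999999) by rejection sampling, so that reducing a 32-bit random word does not favour some passkeys. The `entropy_fn` hook, `passkey_generate`, `passkey_format` and the replay source are hypothetical names; on the device the hook is assumed to wrap the hardware TRNG, and the words in `main` are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define PASSKEY_RANGE 1000000u  /* BLE passkeys are 000000..999999 */

/* Hypothetical hook: returns 32 random bits (the hardware TRNG on a device). */
typedef uint32_t (*entropy_fn)(void *ctx);

/* Uniform passkey via rejection sampling: 2^32 is not a multiple of
 * 1,000,000, so words at or above the largest whole multiple are thrown
 * away instead of being folded back onto the low passkeys. */
uint32_t passkey_generate(entropy_fn rng, void *ctx)
{
    const uint32_t limit = (UINT32_MAX / PASSKEY_RANGE) * PASSKEY_RANGE;
    uint32_t r;
    do {
        r = rng(ctx);
    } while (r >= limit);
    return r % PASSKEY_RANGE;
}

/* Render with leading zeros for a display or label; out holds 6 digits + NUL. */
void passkey_format(uint32_t passkey, char out[7])
{
    snprintf(out, 7, "%06lu", (unsigned long)(passkey % PASSKEY_RANGE));
}

/* Constructed stand-in for the TRNG so the example runs on a host.
 * It replays a fixed list of words; a device must never do this. */
struct replay { const uint32_t *words; unsigned next; };

static uint32_t replay_rng(void *ctx)
{
    struct replay *r = ctx;
    return r->words[r->next++];
}

int main(void)
{
    /* Constructed sample words: the first two fall in the rejected band. */
    static const uint32_t words[] = { 4294500000u, 4294000000u, 123456789u };
    struct replay src = { words, 0 };
    char text[7];

    passkey_format(passkey_generate(replay_rng, &src), text);
    printf("passkey for this pairing: %s\n", text);
    return 0;
}
```

The generated value only protects the first pairing; as the replies above note, later connections from a bonded phone re-encrypt with the stored keys and do not prompt for it.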