This page covers Bluetooth® Low Energy security features offered in the BM70. A user should have a working knowledge of BLE Security to gain a complete understanding of the way the BM7x operates and provides security.
The GAP Layer defines modes and procedures which relate to the security of a connection. The BM70 supports LE Security Mode 1 with four security levels as specified by the definitions in the GAP layer. In general, “LE Security mode 1” gains security by means of encryption and this will only be done after the connection has been established.
To keep it simple, when two connected devices that initially do not have security wish to do something which requires security, the devices must first pair. Pairing involves authenticating the identity of the two devices, encrypting the link, and then distributing the keys used for encryption (Bonding). The diagram below captures what pairing involves. The level of security gained is determined by the pairing method used, which is selected based on the I/O capabilities of each device.
Pairing Methods Supported
BM70 supports the following pairing methods:
The term "authenticated" here means the pairing method gives enough security to protect against “Man in the Middle” attacks. The term "unauthenticated" means the pairing method does not provide protection against “Man in the Middle” attacks, but pairing still occurs, keys are exchanged, and the link can still be encrypted.
Just Works and Passkey Display methods are considered "LE Legacy" pairing methods (available in BLE v4.0/v4.1). BLE v4.2 added the "Numeric Comparison" method, which meets the requirements of the Payment Card Industry (PCI) for PIN Transaction Security (PTS) Point of Interaction (POI) financial transactions, where BLE v4.2 must be used and the device must support Security Mode 1 level 3 or 4.
These methods are supported via the following I/O capability settings, which are available on BM70:
- No Input No Output
- Display Only
- Display Yes/No
- Keyboard Only
- Keyboard Display
The following table determines the pairing method (and thus the security level achieved) based on the BM70 device I/O capabilities.
Note that in a typical security scenario, the smartphone plays the role of Initiator and since it has both a keyboard and a display, has a fixed I/O capability (Keyboard Display), while a BM70-based Peripheral device would typically have the ability to Display (Send) a PIN key to the phone for verification (Display Yes/No I/O capability):
Q. For cells containing two pairing methods (i.e. Passkey Display + Numeric Comparison) - which one is used?
A. The method used depends on the capability of the peer device that is connecting to the BM70 (BM70 supports BLE 4.0/4.1/4.2).
BLE 4.2 peers will use Numeric Comparison, while BLE 4.0/4.1 peers will use Passkey Display.
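The selection rule described above can be written as a short C function. This is an added example, not Microchip code or BM70 firmware; it follows the I/O capability mapping in the Bluetooth Core Specification. The names `select_method`, `both_v42` and `mitm` are hypothetical, and it assumes no out-of-band data is used.

```c
#include <stdbool.h>
#include <stdio.h>

/* I/O capability settings listed above for the BM70. */
typedef enum { NO_INPUT_NO_OUTPUT, DISPLAY_ONLY, DISPLAY_YES_NO,
               KEYBOARD_ONLY, KEYBOARD_DISPLAY } io_cap_t;

/* PASSKEY is "Passkey Display" on this page ("Passkey Entry" in the Core Spec). */
typedef enum { JUST_WORKS, PASSKEY, NUMERIC_COMPARISON } pair_method_t;

static bool has_keyboard(io_cap_t c) { return c == KEYBOARD_ONLY || c == KEYBOARD_DISPLAY; }
static bool has_yes_no(io_cap_t c)   { return c == DISPLAY_YES_NO || c == KEYBOARD_DISPLAY; }

/* Assumptions (hypothetical parameters): both_v42 is true when both peers
 * support BLE v4.2 pairing; mitm is true when at least one side requests
 * Man-in-the-Middle protection. Without that request, Just Works is used. */
pair_method_t select_method(io_cap_t initiator, io_cap_t responder,
                            bool both_v42, bool mitm)
{
    if (!mitm) return JUST_WORKS;
    if (initiator == NO_INPUT_NO_OUTPUT || responder == NO_INPUT_NO_OUTPUT)
        return JUST_WORKS;                 /* nothing to display or confirm */
    if (both_v42 && has_yes_no(initiator) && has_yes_no(responder))
        return NUMERIC_COMPARISON;         /* both sides can confirm a value */
    if (has_keyboard(initiator) || has_keyboard(responder))
        return PASSKEY;                    /* one side shows, the other types */
    return JUST_WORKS;                     /* display-only on both sides */
}

/* "Authenticated" as used above: the method protects against MITM. */
bool is_authenticated(pair_method_t m) { return m != JUST_WORKS; }

/* Host-side check: a link that fell back to Just Works must not be treated
 * as suitable for characteristics that require authenticated access. */
bool link_ok_for_authenticated_attrs(io_cap_t initiator, io_cap_t responder, bool both_v42)
{
    return is_authenticated(select_method(initiator, responder, both_v42, true));
}

int main(void)
{
    static const char *names[] = { "Just Works", "Passkey", "Numeric Comparison" };
    /* Phone (Keyboard Display) initiating to a BM70 set to Display Yes/No. */
    printf("4.2 peer:     %s\n", names[select_method(KEYBOARD_DISPLAY, DISPLAY_YES_NO, true, true)]);
    printf("4.0/4.1 peer: %s\n", names[select_method(KEYBOARD_DISPLAY, DISPLAY_YES_NO, false, true)]);
    printf("No-I/O BM70:  %s\n", names[select_method(KEYBOARD_DISPLAY, NO_INPUT_NO_OUTPUT, true, true)]);
    return 0;
}
```

A peripheral configured as No Input No Output always ends up with unauthenticated pairing, whatever the phone supports, so the I/O capability setting has to match the security level the application needs.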
BM70 is capable of bonding with up to 8 peers. A "link priority" setting is also associated with each key set, indicating how recently the peer was connected (1 being the newest and 8 the oldest).
If a bond/pair attempt is made when the list is full, the module should return an error code in the command complete event. The error should indicate insufficient resources or memory. It is up to the host to delete a device to make room for the new one and retry the pairing sequence.
Applying a Security Level to a Connection
The first step is to establish the desired connection security level for the application.
Next, the characteristic attributes requiring authenticated access need to be configured as such.
Finally, the appropriate BM70 static/dynamic configuration parameters need to be configured in the module to enable a security level change to take place in a connection, and to be automatically applied on all subsequent re-connections.
Flow of Control
The diagram below shows the flow of control between a BM7x (acting as a GATT Server) and Peer Device (smartphone etc). The BM70 is connected to an MCU Host via UART interface (BM70-to-Host packets not shown):
Host MCU Interaction with BM70
The status/control messages (packets) that are exchanged between the host and BM7x during the pairing process depend on the type of pairing method selected. The diagram below shows an example of the interaction based on the “Passkey Display” method with the BM7x being an ‘Initiator’ or ‘Responder’: