BLE Legacy Pairing

Security Manager Protocol (SMP)

The services and keys used between two devices are determined during pairing. The Home Automation Android Application sets up the pairing procedure and the SMP performs it as needed.

Legacy Pairing mechanisms

The pairing techniques introduced in Bluetooth version 4.0 and 4.1 are known as BLE Legacy Pairing mechanisms. In BLE Legacy Pairing, a Short Term Key (STK – 128-bit temporary key) is generated.

Security in the pairing mechanism is carried out in the following steps:

  • Pairing feature exchange
  • Key generation
  • Transport-specific key distribution

1. Pairing feature exchange

This procedure exchanges information between devices on I/O capability, requirement for MITM (Man in the Middle Attack) protection and support for Out of Band (OOB) pairing. Based on those features, the devices select one of three BLE legacy pairing mechanisms:

  • Just Works: In Just Works, no user intervention is necessary; however, this mechanism is prone to passive eavesdropping. (For details, refer to the Bluetooth Core Specification.) Just Works is chosen when no MITM protection is required and when both the devices are characterized by the No-input and No-output capabilities, or at least one of them.
  • Passkey Entry: In Passkey Entry, the user must enter a 6-digit passkey to authenticate the devices.
  • Out of Band (OOB): In OOB, an external means of communication (i.e., a technology other than Bluetooth) is used to communicate the pairing information.

2. Key generation

The procedure for generating keys is the same for each pairing mechanism. However, the pairing mechanisms use different Temporary Keys (TK) to generate the Short Term Key (STK) that is used further for encrypting the connection. For Just Works, TK = 0; for Passkey Entry and OOB, TK = 6-digit input from user.

In Just Works, the STK is generated as follows:

  1. The Initiating and Responding devices involved in the pairing procedure generate unique Confirm Values using TK and a random number.
  2. The devices exchange generated Confirm Values.
  3. The Initiating device sends its locally generated random number to the Responding device.
  4. The Responding device generates the Confirm Value with the random number sent by the Initiating device.
  5. The newly calculated Confirm Value is compared to the one calculated locally. If there is mismatch, then the Responding device aborts the pairing procedure.
  6. If the values match, then the Responding device sends its random number to the Initiating device.
  7. With the received random number, the Initiating device calculates a new Confirm Value and compares it to the local Confirm value. If there is mismatch, then the initiating device aborts the pairing procedure.
  8. Otherwise, both devices proceed. Each one calculates the STK using the TK and the locally received random number.

3. Transport-specific key distribution

If specified in the pairing feature exchange, the Identity Resolving Key (IRK) and Connection Signature Resolving Key (CSRK), both generated keys, are exchanged in this optional phase of the pairing mechanism.

  • IRK: In BLE, devices are characterized by address types like Public, Resolvable and Non-Resolvable. IRK is used to decode the resolvable address.
  • CSRK: This key is used to sign data, allowing authenticated data to be sent over an unencrypted connection.