SWRA793A October   2023  – November 2023 CC2340R5 , CC2340R5-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. Introduction
  5. Certification and Qualification
    1. 2.1 Bluetooth Qualification
    2. 2.2 Regional Compliance
  6. Reference Examples
    1. 3.1 CC2340 Chipsets
    2. 3.2 Flash and RAM Allocation
  7. Software Stack
    1. 4.1 BLE5-Stack Configurations
    2. 4.2 Software Offering
    3. 4.3 Supported PHYs
    4. 4.4 Supported Features
    5. 4.5 Multi-Connection
    6. 4.6 Coexistence (Planned)
  8. Security
  9. Performance and Test Data
    1. 6.1 Connection
    2. 6.2 Advertising
    3. 6.3 Stability Testing
    4. 6.4 Interoperability
  10. Tools and Development Support
    1. 7.1  SmartRF Packet Sniffer 2
    2. 7.2  Smart RF Studio 8
    3. 7.3  Energy Trace
    4. 7.4  Code Composer Studio
    5. 7.5  SimpleLink Connect App
    6. 7.6  Uniflash
    7. 7.7  Antenna Reference Designs
    8. 7.8  Design Review Service
    9. 7.9  SysConfig
    10. 7.10 BTool
    11. 7.11 GitHub
    12. 7.12 SimpleLink Academy
  11. Known Limitations
  12. References
  13. 10Revision History

5 Security

CC2340 parts implement a range of security features that are provided by hardware. These include: Device Identity, Debug Security, AES- 128-bit hardware acceleration, SHA256 and a Random Number Generator. More information on the hardware provided security features can be found in the CC2340R5 SimpleLink™ Bluetooth 5.3 Low Energy Wireless MCU. The TI-Bluetooth LE-stack, implements further security features to enable security for the Bluetooth communication including:

Network Security

As part of the Bluetooth LE specification there are several security features implemented as specified in the Bluetooth 5.3 specification. These are defined by the Security Manager Layer and define methods to pair and distribute keys and to perform secure connection and data exchange. The security features that are discovery and connection related are performed by the GAP (Generic Access Profile) layer.

The supported security features are:

  • Authentication and Authorization
  • LE Secure Connection features
    • Pairing (generating and exchanging keys)
    • Encryption (data is encrypted)
    • Association
    • Authentication (Pairing process uses association to support MITM (Man in the Middle protection)
    • Bonding (Bonding pairing process with storing keys for encryption sequence)
    • OOB (Out-of-band pairing)
    • MITM (Provides authentication to prevent attackers)
    • Just Works (no security)
  • Privacy (allows devices to generate new address to use over the air)
    • Public Device Address
    • Random Static Address
    • Random Resolvable Private Address
    • Random non-Resolvable Private Address

OAD Security

The TI Bluetooth LE-stack provides methods to authenticate the image that has been transferred on OAD process. Secure OAD uses ECDSA (Elliptic Curve Digital Signature Algorithm ) to sign and verify secure OAD images.

For verification of new images, TI offers an implementation of the MCUboot 32-bit secure bootloader.