SWRU271I October 2010 – January 2020 CC2540, CC2540T, CC2541, CC2541-Q1, CC2640R2F
The GAPBondMgr profile handles the initiation of security features during a Bluetooth Low Energy connection. Some data may be readable or writeable only in an authenticated connection. Table 5-1 defines the terminology used in Bluetooth Low Energy security.
Term | Description |
---|---|
Pairing | The process of exchanging keys |
Encryption | Data is encrypted after pairing, or re-encryption (a subsequent connection where keys are looked up from nonvolatile memory) |
Authentication | The pairing process completed with MITM (Man in the Middle) protection (passcode, NFC, and so forth). |
Bonding | Storing the encryption keys in nonvolatile memory to use for the next encryption sequence. |
Authorization | An additional application level key exchange in addition to authentication |
OOB | Out of Band. Keys are not exchanged wirelessly, but rather over some other source such as serial port or NFC. This also provides MITM protection. |
MITM | Man in the Middle Protection. This prevents an attacker from listening to the keys transferred wirelessly to break the encryption. |
Just Works | Pairing method where keys are transferred wirelessly without MITM. |
The general process to establish security is:
NOTE
You can skip steps. For example, you can skip bonding and just re-pair after reconnecting. The GAPBondMgr uses the SNV flash area to store bond information. For more information on SNV, see Section 6.10.
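The following added example (not code from this guide or from the TI BLE stack) is a simplified model of how a GATT server can decide whether a read or write is allowed, using the terms in Table 5-1, and what happens on reconnect when bonding was skipped. The type and function names are hypothetical; the ATT error code values are the ones defined in the Bluetooth Core Specification.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* ATT error codes as defined in the Bluetooth Core Specification. */
#define ATT_OK                       0x00
#define ATT_ERR_INSUFFICIENT_AUTHEN  0x05
#define ATT_ERR_INSUFFICIENT_AUTHOR  0x08
#define ATT_ERR_INSUFFICIENT_ENCRYPT 0x0F

typedef enum { REQ_NONE, REQ_ENCRYPT, REQ_AUTHEN } att_req_t; /* hypothetical levels */

/* Hypothetical link state, using the terms of Table 5-1. */
typedef struct {
    bool keys_available; /* paired on this link, or bond found in NV memory */
    bool keys_have_mitm; /* keys from passcode/OOB pairing, not Just Works */
    bool encrypted;      /* encryption currently enabled */
    bool authorized;     /* application-level authorization granted */
} link_sec_t;

/* Decide whether a read/write is allowed, or which ATT error to return. */
uint8_t att_check_access(const link_sec_t *l, att_req_t req, bool needs_author)
{
    if (req != REQ_NONE) {
        if (!l->keys_available)                      /* peer must pair first */
            return ATT_ERR_INSUFFICIENT_AUTHEN;
        if (req == REQ_AUTHEN && !l->keys_have_mitm) /* Just Works keys are not enough */
            return ATT_ERR_INSUFFICIENT_AUTHEN;
        if (!l->encrypted)                           /* keys exist: (re-)encrypt */
            return ATT_ERR_INSUFFICIENT_ENCRYPT;
    }
    if (needs_author && !l->authorized)
        return ATT_ERR_INSUFFICIENT_AUTHOR;
    return ATT_OK;
}

/* A new connection starts unencrypted; keys exist only if a bond was stored. */
link_sec_t link_on_reconnect(bool bonded, bool bond_has_mitm)
{
    link_sec_t l = { bonded, bonded && bond_has_mitm, false, false };
    return l;
}

int main(void)
{
    link_sec_t l = link_on_reconnect(false, false); /* bonding was skipped */
    printf("authenticated read without bond: 0x%02X\n", att_check_access(&l, REQ_AUTHEN, false));
    return 0;
}
```

In this model a device that skipped bonding gets Insufficient Authentication on reconnect and has to pair again, while a bonded device gets Insufficient Encryption and only has to re-encrypt with the stored keys.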