Bluetooth 5 · Bonding · Security

Security Manager (SM) in Bluetooth Low Energy

This blog is describe how the bonding / pair works on the Bluetooth Low Energy.

In the Bluetooth Core Specification, there are three major architectural layers: Controller, Host and Application. Security Manager (SM) at the Host layer is to define the methods and protocols for pairing and key distribution, the corresponding security toolbox and Security Manager Protocol (SMP).

This image has an empty alt attribute; its file name is image-11.png

Pairing is performed to establish keys which can then be used to encrypt a link. A transport specific key distribution is then performed to share the keys. The keys can be used to encrypt a link in future reconnections, verify signed data, or perform random address resolution. In general, there are 3-phase for paring.

  • Phase 1: Pairing Feature Exchange
  • Phase 2 (LE legacy pairing): Short Term Key (STK) Generation
  • Phase 2 (LE Secure Connections): Long Term Key (LTK) Generation
  • Phase 3: Transport Specific Key Distribution

There are two difference pairings on the bluetooth specification.

  1. LE Legacy pairing
  2. LE Secure Connections (ready on the Bluetooth 4.2 specification)

There are five very good documents from the Bluetooth SIG Blog on the bonding / pair.

Pairing Feature Exchange

Key Generation Methods

Legacy Pairing Passkey Entry

LE Secure Connections – Numeric Comparison

Legacy Pairing – Out of Band

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.