
I am looking at getting the most secure connection between two BLE devices without any I/O capabilities, but I am slightly confused by what is going on.

So without I/O capabilities the highest security I can use is Security mode 1 and Security level 'Unauthenticated pairing with encryption'.

However, I understand that with BLE 4.2 there is the ECDH implementation (LE Secure Connections) to protect against MITM attacks. However, I can only see this option with Security mode 1 and 'Authenticated LE Secure Connections pairing with encryption', but this requires I/O capabilities.

However, from what I can see, implementing ECDH is specifically for a situation where you have an insecure channel, i.e. no I/O capabilities. Does this mean that with Security mode 1 and security level 'Unauthenticated pairing with encryption' I am using ECDH with MITM protection?

Any help would be greatly appreciated!

1 Answer


Unauthenticated pairing with encryption is vulnerable to man-in-the-middle attacks by virtue of being unauthenticated. The use of ECDH does not protect from active MITM attacks, only from passive monitoring. It is a misconception to believe that ECDH (or any other key exchange mechanism) on its own can protect against such attacks. Another answer explains how ECDH protects against only passive attacks, but is never able to protect from an active attack such as an MITM.

  • Unauthenticated pairing without encryption does not protect from any attack.

  • Unauthenticated pairing with encryption protects only from passive attacks.

  • Authenticated pairing with encryption protects from both passive and active attacks.

Glorfindel
forest