passkey pairing without bond

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
TaSa_2191066
Level 2
Level 2
First like given

Dear broadcom、

hello,

I'm developing a device with BCM20737S SiP module and SDK 2.2 on OS X or SDK 2.2.1 on windows, and am searching for a way to realize passkey-pairing without saving exchanged keys, because iOS / Android 's bonding frequently behaves in unexpected ways.

I tried the following code and succeeded in doing this ( = passkey pair without bonding ) , but I wonder if this causes any side effect.

I don't care that users are forced to enter passkey every time, knowing that this lessen the security to a certain extent.

```

diff --git a/my_device/my_device.c b/my_device/my_device.c

@@ -626,8 +626,8 @@ void my_create(void) {

                        LESMP_OOB_AUTH_DATA_NOT_PRESENT,   // OOBDataFlag,

#endif

#ifdef PASSKEY_PAIRING

-                       LESMP_AUTH_FLAG_BONDING                         // AuthReq,

-                       | LESMP_AUTH_REQ_FLAG_MITM,

+                       /*LESMP_AUTH_FLAG_BONDING                       // AuthReq,

+                       | */LESMP_AUTH_REQ_FLAG_MITM,           // only passkey is required

#else

                        LESMP_AUTH_FLAG_BONDING,                        // AuthReq,

#endif

```

Please kindly let me know any slightest info or related discussions you aware of.

Best,

Takashi

0 Likes
1 Solution
Anonymous
Not applicable

Hello.

From what I researched from google:

"The terms pairing and encryption are basically the same within the context of BLE, but bonding is not the same as pairing. It is also important to note that both encryption and bonding are necessary in order to access authenticated GATT operations. You cannot perform authenticated operations if you only encrypt the link."

So if you have any attributes that need authentications in your GATT DB, you might not be able to access them without bonding. However, I haven't tested this myself. Maybe keep that in mind?

James

View solution in original post

0 Likes
7 Replies