Hardware Reference
In-Depth Information
Encryption
This mechanism consists of the full encryption of all packets transmitted over an
established connection.
Privacy
The privacy feature allows an advertiser to hide its public Bluetooth address by
using temporary, randomly generated addresses that can be recognized by a scanner
that is bonded with the advertising device.
Signing
With this mechanism, a device can send an unencrypted packet over an established
connection that is digitally signed (i.e., the source of which can be verfied).
Each of these three mechanisms can be used independently from the others, and the
application, in conjunction with the host, has the choice of enforcing any of them con‐
currently.
Security Keys
Each of the three types of security mechanisms requires a key or a group of keys to be
established. These are the keys that are exchanged and stored to allow for the security
mechanisms to be enforced:
Encryption Information (Long Term Key or LTK) and Master Identification (EDIV,
Rand)
This is a 128-bit encryption key shared by both sides (LTK) along with two values
(EDIV, Rand) acting as its identifier, since a device may be bonded with multiple
other peers.
Identity Information (Identity Resolving Key or IRK) and Identity Address Information
(Address Type and Bluetooth Device Address)
The IRK is used to implement privacy: it can generate and resolve resolvable ad‐
dresses (see
“Address Types” on page 44
) that protect an advertising device from
being tracked by malicious peers. The actual public or static random address of the
device distributing it is included along with the IRK.
Signing Information (Connection Signature Resolving Key or CSRK)
A key used to digitally sign unencrypted data.
Each of these keys or key sets is
asymmetrical
and
unidirectional
: it can be used only in
the same role configuration in which they were originally generated. If the devices wish
to switch Link Layer roles (master and slave) in subsequent connections, then each side
must distribute its own set of keys for each key type. Devices negotiate the number of
keys distributed in each direction, which can range from zero to all three key types in
each direction, for a total of six keys distributed between peers (three from slave to
master and three from master to slave).
