Repository: incubator-mynewt-site Updated Branches: refs/heads/master 42b6de544 -> dbce794f8
minor changes to ble_sec.md doc Project: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-site/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-site/commit/dbce794f Tree: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-site/tree/dbce794f Diff: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-site/diff/dbce794f Branch: refs/heads/master Commit: dbce794f8e540589fdf3dbeecae52f9785f8eb5a Parents: 42b6de5 Author: aditihilbert <ad...@runtime.io> Authored: Wed Jan 25 18:24:49 2017 -0800 Committer: aditihilbert <ad...@runtime.io> Committed: Wed Jan 25 18:24:49 2017 -0800 ---------------------------------------------------------------------- docs/network/ble/ble_sec.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-mynewt-site/blob/dbce794f/docs/network/ble/ble_sec.md ---------------------------------------------------------------------- diff --git a/docs/network/ble/ble_sec.md b/docs/network/ble/ble_sec.md index ad6fbc5..f374726 100644 --- a/docs/network/ble/ble_sec.md +++ b/docs/network/ble/ble_sec.md @@ -1,11 +1,11 @@ ## BLE Security -The Bluetooth Low Energy security model includes five distinct security concepts as listed below. For detailed specifications, see BLUETOOTH SPECIFICATION Version 4.2 [Vol 1, Part A]. -* **Pairing**: The process for creating one or more shared secret keys. In LE a single link key is generated by combining contributions from each device into a link key used during pairing. * **Bonding**: The act of storing the keys created during pairing for use in subsequent connections in order to form a trusted device pair. <font color="#F2853F">*Bonding is currently a roadmap item for Apache Mynewt.* </font> +The Bluetooth Low Energy security model includes five distinct security concepts as listed below. For detailed specifications, see BLUETOOTH SPECIFICATION Version 4.2 [Vol 1, Part A]. +* **Pairing**: The process for creating one or more shared secret keys. In LE a single link key is generated by combining contributions from each device into a link key used during pairing. * **Bonding**: The act of storing the keys created during pairing for use in subsequent connections in order to form a trusted device pair. * **Device authentication**: Verification that the two devices have the same keys (verify device identity) * **Encryption**: Keeps message confidential. Encryption in Bluetooth LE uses AES-CCM cryptography and is performed in the *Controller*. * **Message integrity**: Protects against message forgeries. -Bluetooth LE uses four association models depending on the I/O capabilities of the devices. <font color="#F2853F">*Apache Mynewt has first implemented support for "Just Works" only.*</font> +Bluetooth LE uses four association models depending on the I/O capabilities of the devices. * **Just Works**: designed for scenarios where at least one of the devices does not have a display capable of displaying a six digit number nor does it have a keyboard capable of entering six decimal digits. * **Numeric Comparison**: designed for scenarios where both devices are capable of displaying a six digit number and both are capable of having the user enter "yes" or "no". A good example of this model is the cell phone / PC scenario. * **Out of Band**: designed for scenarios where an Out of Band mechanism is used to both discover the devices as well as to exchange or transfer cryptographic numbers used in the pairing process. @@ -13,7 +13,7 @@ ###Key Generation Key generation for all purposes in Bluetooth LE is performed by the *Host* on each LE device independent of any other LE device. ### Privacy Feature -Bluetooth LE supports an optional feature during connection mode and connection procedures that reduces the ability to track a LE device over a period of time by changing the Bluetooth device address on a frequent basis. <font color="#F2853F">*Privacy support is currently a roadmap item for Apache Mynewt.*</font> +Bluetooth LE supports an optional feature during connection mode and connection procedures that reduces the ability to track a LE device over a period of time by changing the Bluetooth device address on a frequent basis. There are two variants of the privacy feature. * In the first variant, private addresses are resolved and generated by the *Host*. * In the second variant, private addresses are resolved and generated by the *Controller* without involving the Host after the Host provides the Controller device identity information. The Host may provide the Controller with a complete resolving list or a subset of the resolving list.