Everything You Always
Wanted to Know About
Security in Bluetooth 4.2

A few weeks ago, the Bluetooth Special Interest Group (SIG) released the new Bluetooth® 4.2 core specification. This new release is the most connected, most secure, and most power-efficient specification to date. Bluetooth 4.2 contains feature updates in security, privacy, and extended data packet length. In this blog post, we introduce you to the security feature and show you how to leverage it in your product design.

What Does Bluetooth 4.2 Mean to Developers?

Bluetooth LE Secure Connections

Bluetooth 4.2 introduced a new security model, Bluetooth Low Energy (LE) Secure connections. Bluetooth LE Secure Connections uses an algorithm called Elliptic curve Diffie–Hellman (ECDH) for key generation and a new pairing procedure for the key exchange.

The main goal of the Bluetooth Security Manager is to set up tools and procedures to enable secure connections and protect the communication from passive eavesdropping and man-in-the-middle attacks.

Using Bluetooth LE Secure Connections, with the ECDH algorithms to generate public/private key pairs, the Security Manager protects the communication from passive eavesdropping regardless of the I/O capabilities and pairing methods (numeric comparison, just works, passkey entry, and out of band) you will be using in your applications. It will provide protections from man-in-the-middle (MITM) attacks if the application uses numeric comparison, passkey entry, and out of band as the pairing method.

Adding Bluetooth LE Secure Connections to Your Products

You need to upgrade the security manager in your Bluetooth stack to support the following:

  • Generation and management of ECDH keys
  • Bluetooth LE Secure Connection pairing requests
  • Generation of ECDH keys and long-term keys (LTK)
  • Generation and exchange of cross transport keys

Once the pairing initiator and responder implement support for Bluetooth LE Secure Connections, the pairing can be started by the master sending out a pairing request, or the Slave sending out a security request. The new Secure Connection bit in the Authentication Requirement Flags will indicate to the receiver that a secure connection is being requested for the existing connection.

Pairing is the process of generating and exchanging several keys for encryption and authentication.Then you could move to Phase 2, based on the I/O capabilities of both sides, and establish an encrypted connection.

For technical details, please refer to Bluetooth Core Specification version 4.2 Volume 3 Part H. 

Happy coding!


Bluetooth 5: Go Faster, Go Further

Download this comprehensive overview to discover how Bluetooth 5 significantly increases the range, speed, and broadcast messaging capacity of Bluetooth applications, making use cases in smart home automation, enterprise, and industrial markets a reality.


Related Resources

Lessons and Growth in Bluetooth Angle of Arrival & Departure

Bluetooth 5.1 features Angle of Arrival (AoA) and Angle of Departure (AoD). See a…

  • SIG Member

Unlocking the Potential of the Smart Home

See how the Bluetooth Smart Home Subgroup is making intelligent and integrated smart home…

Inside Bluetooth Direction Finding and More

Watch Wiliot’s Steve Statler and the Bluetooth SIG’s Ken Kolderup discuss the newest Bluetooth…

  • SIG Member

Leveraging Sensors to Support Location Based Marketing

The world of location-based marketing is rising rapidly as advertisers are realizing the value…

  • SIG Member

How to Make Wearables Bluetooth Mesh Provisioners

Learn how to create applications for smartwatches and other platforms that can monitor and control nodes in a Bluetooth mesh network.

2019 Bluetooth Market Update

Supported by updated forecasts from ABI Research and insights from several other analyst firms, the Bluetooth Market Update highlights the latest Bluetooth trends and forecasts.

Intro to New Features in Bluetooth Core Specification v5.1

Learn what’s new in the most recent release of the Bluetooth core specification. Topics…

Asset Tracking at Scale Using Bluetooth Low Energy

Watch Rigado co-founder and CTO Justin Rigling in this 30-minute webinar where he discusses why Bluetooth low energy in Asset Tracking is the right choice.

  • SIG Member

An Introduction to Web Bluetooth

Provides foundation-level information and hands-on labs that walk you through using Web Bluetooth APIs.