A Bluetooth® mesh network is like an exclusive club. If you’re a member of the club, you can enter the club and make use of those facilities and services which your membership type allows. If you’re not, you aren’t allowed through the front door, no matter what you say.

A Bluetooth mesh device is either a member of a particular Bluetooth mesh network, or it is not. If it is a member, it has the right to communicate, in at least a basic way, with other devices that are also members of that network. If it’s not a member, then anything and everything that device transmits will be ignored by other devices in the network.

A Bluetooth mesh device can be thought of as having a membership type as well, like having access to specific club amenities (gym, golf course, etc.), but not the entire club. It can only fully interact with certain devices in the network. The concept governing this is that of the application. For example, a Bluetooth mesh light switch can switch Bluetooth mesh lights on or off in the network as a consequence of each of those devices being part of the lighting application. The light switch cannot switch on the heating system because the heating system is not part of the lighting application.

For a device to become a member of a Bluetooth mesh network, it must be added to the network using a secure process called provisioning.

Security

Security is central to Bluetooth® mesh networking and we’ll cover the subject in detail later in this series. Adding or removing a device to/from a Bluetooth mesh network are both processes which have security requirements at their very heart.

Bluetooth mesh networking uses a system of different security key types to secure the network as a whole, as well as to secure and separate individual applications within the network. Being a member of a network and having the right to participate in a particular application is, in both cases, a consequence of a device possessing the right security keys. All nodes in a network possess a key called the network key or NetKey. It is possession of this key which makes a device a member of that network, i.e. one of its nodes.

Nomenclature

Earlier in the Bluetooth® Mesh Networking Series, we introduced the formal, technical terms device and node. You may recall that a device which is a member of a mesh network is called a node and one which is not is called a device. I’ll now use “Device” with an uppercase “D” to denote a device which is not yet part of a mesh network and continue to use “device” as I have been so far, to mean an electronic item in the more general, informal sense.

The Provisioner

Provisioning transforms a humble device into a node, a full-fledged member of a Bluetooth mesh network. The process is accomplished using an application, which is typically provided by product manufacturers for use on smartphones or tablets, but may take other forms, such as desktop or web applications.

The device running the provisioning application is called the provisioner. The provisioner must be physically secure, as it has a very special role to play.

The Provisioning Protocol

During provisioning, the provisioner and the Device to be provisioned communicate using a Bluetooth® mesh protocol called the provisioning protocol. The provisioner may use the provisioning protocol over either of the PB-ADV or PB-GATT bearers[i], ensuring that provisioner applications may be implemented on older smartphones, only requiring that they have support for Bluetooth Low Energy (LE) and GATT.

Adding a New Device to the Network

Adding a device to the network is largely concerned with providing it with the network key which all the other nodes of that network possess. And of course, that process must itself be secure so that malicious devices cannot eavesdrop on the communication which takes place whilst adding the new device and steal the NetKey.

When a new device is purchased and it needs to be added to an existing Bluetooth mesh network, users will employ the provisioner, together with instructions from the manufacturer of the new device, to add it to the Bluetooth mesh network.  This transforms the new device into a node and member of the Bluetooth mesh network.

The process involves several steps, depicted in the flow chart below.

The provisioning process

Step 1. Beaconing

The Bluetooth mesh network specification has introduced new GAP AD Types, including the <<Mesh Beacon>> AD Type[ii].

A device indicates its availability to be provisioned by using the <<Mesh Beacon>> AD type to advertise itself as an unprovisioned device. The user might need to start the new device advertising in this way by following a procedure described by the manufacturer, such as pressing a combination of buttons or holding down a button for a certain length of time.

The user will also start the “Add Device to Network” process within the provisioner, and this will cause it to receive the advertising packets from the beaconing device. Remember that the provisioner is likely to be a smartphone or tablet application, so in practical terms, this involves unlocking the smartphone, launching the application, perhaps logging into the app (for extra security) and employing its user interface to initiate looking for beaconing devices. In this way, the provisioner becomes aware of the new device and its readiness to go through the remainder of the provisioning process.

Step 2. Invitation

Next, the provisioner sends an invitation message to the device to be provisioned. The invitation takes the form of a provisioning Invite PDU, which is part of the provisioning protocol. The beaconing device responds with information about itself in a Provisioning Capabilities PDU.

The Provisioning Capabilities PDU provides information such as the number of elements it has and the provisioning-related algorithms it supports. It also indicates the types of input and output capabilities the device has, information which is used in the authentication step.

Step 3. Exchanging Public Keys

All Bluetooth® mesh devices, including the provisioner, support the FIPS P-256 Elliptic Curve Algorithm and therefore must have a public key. Asymmetric cryptography, based on this algorithm, is used to create a secure channel over which to perform the remainder of the provisioning process. To this end, the provisioner and device exchange their public keys. Note that the device may provide its public key via an out-of-band method, such as a QR code. We’ll focus on mesh security, including provisioning security, in a later article.

Step 4. Authentication

The provisioner makes use of its knowledge of the new device’s capabilities and sends a message to it, which instructs it to output either a single or multi-digit value in response to one of various supported user actions, such as pressing a button. The form that the value takes when output will vary, according to the device. One device might display a three-digit, numeric value on an LED panel while another might flash a red LED a number of times, the number of flashes being the output authentication value. The user of the provisioner will observe the value output by the device and enter it into the provisioner user interface.

The device and provisioner then exchange a cryptographic hash, derived from data which includes the random value which was output by the device, allowing them to complete the authentication of their peer.

Step 5. Distribution of the Provisioning Data

After authentication has successfully completed, a session key is derived by each of the two devices from their private keys and the exchanged, peer public keys. The session key is then used to secure the subsequent distribution of the data required to complete the provisioning process, including a NetKey and a unique address for the device, known as the Unicast Address.

After provisioning has completed, the provisioned device possesses the network’s NetKey, a Bluetooth® mesh security parameter known as the IV Index and it has a Unicast Address, allocated by the provisioner. The new device is now officially a node and a member of the Bluetooth mesh network.TU

Removing a Node from the Network

There will come a time when a node of a Bluetooth® mesh network needs to be removed. The device might have broken and needs replacing or it might need to be moved to another Bluetooth mesh network in another of the company’s offices in a different city. Equally, the device might have been sold with the expectation that the new owner will add the device to their own Bluetooth mesh network, using the provisioning process described above.

If a device malfunctions and cannot be repaired, you might be tempted to simply throw it in the trash. If you sell a device to someone, you could equally be tempted to simply take the money and forget about your old device. That would be unwise, however.

Nodes contain security keys which they were provided with through the provisioning process. Remember, that it is possession of the main NetKey which determines that a device is a member of a network and therefore has access to it. Leaving the keys relating to your Bluetooth mesh network inside a device when you throw it away or sell it could leave your network vulnerable to a trash can attack. Therefore, a secure procedure for removing nodes, which eliminates this concern, has been defined and will be described here.

Removing a node from a network involves two steps. First, the provisioner application is used to add the node to be removed to a reject list. Second, a process called the key refresh procedure is initiated.

The Reject List

Using the provisioner, the user must add the node to be removed to its reject list. The purpose of the reject list is simply to act as a list of those nodes which must not be issued with new security keys when the Key Refresh Procedure is initiated.

The Key Refresh Procedure

The key refresh procedure results in all nodes in the network, except for those which are members of the reject list, being issued with new network keys, application keys and all related, derived data. In other words, the entire set of security keys which form the basis for network and application security are replaced.

The user initiates key refresh using the provisioner and the provisioner creates and sends new keys to every node in the mesh network using configuration messages, except for those which are members of the reject list.

Low-power nodes will receive the new keys from their friend. As such, it may be some considerable time before they receive them and therefore, for the whole network to have its keys replaced.

Due to the fact that every Node will not receive its new keys at exactly the same time, the Key Refresh Procedure defines a transition period known as “Phase 2”, during which both the old keys and the new keys are used. Specifically, transmission uses the new keys, but nodes that support receiving messages use both the old and the new keys.

The provisioner informs all nodes that they should revoke the old keys when Phase 2 has completed and each node that is not reject listed has received its new keys.

At this point, the node which was removed from the network and which contains an old NetKey and an old set of AppKeys is no longer a member of the network and consequently, poses no threat.

Conclusion

Security is at the very core of the design of Bluetooth mesh networking technology. We’ve seen how this has manifested itself in those most fundamental of network management scenarios, adding new devices to the Bluetooth mesh network and removing them.

If that’s whetted your appetite for more information on Bluetooth® mesh network security, you’ll enjoy the next in our series of Bluetooth mesh articles where we give you a detailed tour of some of the most important Bluetooth mesh security features.

FEATURED DOWNLOAD

Bluetooth Mesh Models: A Technical Overview

In this detailed technical paper, Martin Woolley provides a guided tour of the Bluetooth mesh models, taking an in-depth look at building blocks critical to Bluetooth mesh interoperability.

INSTANT DOWNLOAD

How Espressif Built a Bluetooth Mesh Solution to Unlock the Infinite Potential of the IoT

As the preferred technology in the IoT, Bluetooth® technology enables a wide range of…

Interoperable Standards for Monitoring Energy in Networked Lighting Systems

Energy efficiency has been the key driver behind the widespread adoption of networked lighting…

How To Upgrade Your Luminaire With a Bluetooth Mesh Driver

Watch to learn a fast and easy way of making your luminaire smart and…

Updates to the Bluetooth Internet Gateway Study Guide

According to the ABI report Installed Base of IoT Devices by Connectivity Technology, published…

In Case You Missed It: What’s New With Blue This Summer

The Bluetooth® developer community is always pushing the technology forward, and this summer has…

Why Bluetooth Technology Is Lighting the Way

For years, there has been a widely held opinion that when it comes to…

New Core Specification v5.3 Feature Enhancements

One of the key reasons why Bluetooth® technology has emerged as the global wireless…

Bluetooth® Core Specification Version 5.3 Feature Enhancements

Bluetooth® Core Specification version 5.3 includes several feature enhancements with the potential to improve…

10 Resources That Showcase the Range and Reliability of Bluetooth Technology

Despite the overwhelming adoption of Bluetooth® technology across a wide range of global solutions…

Luminaire Level Lighting Controls and the Future of Healthy Buildings

As we build back from the pandemic, the building industry is rethinking how we…

Bluetooth Low Energy Innovations in Connected Vehicles That You Didn’t Know Of

The automotive industry is evolving at a fast pace. Modern automobiles are far from…

Connect: Car Access Demo

In this demo, Texas Instruments will discuss and demonstrate Bluetooth 5.1 and its cutting…

The Role of Lighting in Smart Buildings

Undoubtedly, everyone is aware of two types of lighting, i.e., wired and wireless. It…

Building Automation: Achieving Energy Savings of Over 90 Percent With Smart Lighting Sensors and Bluetooth Mesh

Intelligent sensors are becoming increasingly important in building technology. Modern sensor technology with high-performance…

How to Unlock the Full Potential of Networked Lighting Control Systems

A revolution is at hand. Intelligent luminaires are expanding beyond the standard on/off and…

State-Of-The-Art Smart Lighting In A Peace-Of-Mind Package

Retrofitting an energy efficient lighting scheme can involve a lot of upheaval and, with…

Intelligent Light Solutions For The Albrecht Dürer Exhibition

Intelligent light solution for the exhibition of Albrecht Dürer’s precious engravings at Palazzo Sturm,…

DALI Alliance intros new Bluetooth gateway spec for in-building mesh networks

The DALI Alliance, the trade group representing the DALI smart-lighting interface, has released a…

Bluetooth shipments to reach six billion by 2025

Annual shipments of Bluetooth-enabled devices are set to top six billion by 2025, according…

2021 Bluetooth Market Update

Supported by updated forecasts from ABI Research and insights from several other analyst firms, the Bluetooth Market Update highlights the latest Bluetooth trends and forecasts.

Intelligent Light solutions for the Albrecht Dürer Exhibition

Today, we are living in a world where smart is the new normal, and…

Bluetooth Mesh: A Healthier Wireless Option

At some point in the near future, nearly every object in the home or…

Designing and Developing Bluetooth® Internet Gateways

Learn about Bluetooth internet gateways, how to make them secure and scalable, and design and implement your own working prototype gateway and web application for use with either Bluetooth LE Peripherals or with Bluetooth mesh networks.

How to Deploy BlueZ on a Raspberry Pi Board as a Bluetooth Mesh Provisioner

This step-by-step study guide will teach you: How to rebuild the kernel on a…

2020 Bluetooth Market Update

Supported by updated forecasts from ABI Research and insights from several other analyst firms, the Bluetooth Market Update highlights the latest Bluetooth trends and forecasts.

The Bluetooth LE Security Study Guide

Learn about fundamental security concepts, the security features of Bluetooth Low Energy, and gain some hands-on experience using those features in device code.

2019 Bluetooth Market Update

Supported by updated forecasts from ABI Research and insights from several other analyst firms, the Bluetooth Market Update highlights the latest Bluetooth trends and forecasts.

Lighting as a Platform

See how connected lighting systems are being used as a platform to enable advanced building services like wayfinding, asset tracking, and space utilization to improve the ROI of smart building investments.

Build a Smarter Building with Blue

See how Bluetooth increases reliability, reduces costs, and enhances your smart building ROI.

Overview – Bluetooth Mesh Networking

A quick overview outlining how Bluetooth mesh uniquely meets the reliability, scalability, and security requirements of commerical and industrial markets.

 Get Help