Score:1

What is ECDH used for in BLE Authentication?

in flag

I am currently new to the world of BLE and I came across this article which mentions ECDH.

In the diagram in part $3$, it generates the DHKey/shared secret (I am assuming this is the correct terminology based on google search) , but then once it's generated the diagram never references it ever again. What exactly is the point of it in this diagram? I know the shared secret is used to encrypt the link.

Is the diagram implying that the shared secret is the LTK? I am utterly stumped on this and would really be happy if someone can explain where the shared secret is exactly used.

kelalaka avatar
in flag
Your question is not clear for me, however, there was an [invalid curve attack](https://eprint.iacr.org/2019/1043.pdf) that may contain the answer for you. Note that once ECDH is exchanged, the key material is applied hashing to derive a key for the symmetric encryption...
Score:1
in flag

TLDR: Yes, the LTK seems calculated from the shared secret calculated in the block at the end. The diagram just shows the authentication.

The first calculations just confirm that the public keys and randoms are identical at both ends. This makes sure that there has been no man-in-the-middle, as the public keys would differ, and hence the check digits would differ as well. Note that the randomized values are used from both sides, so it should be impossible to inject a calculated random and get to the same value, but I haven't thoroughly analyzed the protocol. Obviously, there may have been found some weaknesses such as the invalid curve attack mentioned.

Note that function $\text{f4}$ is initialized with a keyed CBC-MAC in the standard. Furthermore it doesn't require the $\mathit{SKa}$ or $\mathit{SKb}$ variables - i.e. the private keys required for Diffie-Hellman key agreement. Hence, it is not the key agreement protocol. That is actually mentioned as a function named after the curve used in the protocol, e.g. $\text{P256}(\dots)$, and it is contained in the block called "Long Term Key Calculation".

Maarten Bodewes avatar
in flag
Boy, that BT spec is hard to read sometimes. Still haven't found out where that secret X is coming from for the MAC used in $f4$.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.