Bluetooth low energy Encryption
The Long Term Key (LTK) in Bluetooth low energy is similar to the Link Key in Classic Bluetooth. It is a persistent key that is stored in both devices and used to derive a fresh encryption key each time the devices go encrypted. In the Sodera Security pane the LTK is entered in the Link Key field so the following discussion will use Link Key instead of LTK.
Bluetooth low energy Static Address Link Key Required
In this example a low energy device requires Link Key entry for the Frontline software to decrypt the data. To enter the Link Key click on Enter link key and type or paste in the Link Key in hex format.
Note: It is not necessary to precede the Link Key with "0x" to signify a hex format. The software will automatically add "0x" to the front of the Link Key.
Bluetooth low energy Enter Link Key
Press the Enter key or click outside the Link Key box. If the Link Key is valid the box will be green, beneath the Link Key will appear "Valid, and the Status will show an open, green lock indicating that decryption is enabled.
If the Link Key is not valid the box will be red, beneath the entered Link Key will appear "Invalid", and the Status will show a closed, red lock indicating that decryption is not enabled.
Bluetooth low energy Valid Link Key
Bluetooth low energy Invalid Link Key
Legacy Just Works Pairing
In this example the devices under test useLegacy Just Works pairing to calculate a Short-Term Key (STK) in order to securely transfer the device's Long-Term Key (LTK). The LTK is then used to encrypt the subsequent security contexts.
Bluetooth low energy Piconet Public Key and Private Key Encryption
PIN is a six-digit decimal number. If a passkey is required by the device "Enter passkey" will appear in the device's PIN/TK field.
Bluetooth low energy Passkey Decryption Not Enabled
This example uses Passkey Pairing to enable decryption. The user clicks on "Enter passkey" in the device PIN/TK field.
Bluetooth low energy Passkey Entry
Press Enter or click outside the field. If the Passkey is correct it will appear in the PIN/TK field with "Valid" appearing below the passkey, Link Key field will automatically fill with the Link Key that will show "Valid" and appear green. The Status field will show an open, green lock to show that encryption is enabled and the analyzer can show decrypted data.
If the entered Passkey is incorrect, the PIN/TK field will be red and "Invalid" will appear below the entered PIIN. The Status field will show a closed, red lock to indicate that encryption is not enabled.
Bluetooth low energy Passkey Decryption Enabled
Bluetooth low energy Passkey Invalid
Legacy Out-of-Band(OOB) Pairing
Out-of-Band (OOB) data is a 16-digit hexadecimal code preceded by "0x" which the devices exchange via a channel that is different than the le transmission itself. This channel is called OOB. For off-the-shelf devices we cannot sniff OOB data, but in the lab you may have access to the data exchanged through this channel.
If a device requires OOB data the device Link Key field will show "Enter OOB TK".