2021-04-21 08:19 AM
I need to add application level security in my application using BLE. Where should the keys be stored so that they can be individually programmed in production and protected from readout ?
Additionally, where can I find if hci_le_encrypt is hardware accelerated or not?
Best regards
tm
2021-04-26 11:41 PM
They keys are automatically saved when bonding is made, in some specific flash area reserved by the stack.
User may enable flash readout protection to protect them being read.
Yes, hci_le_encrypt is hardware accelerated.
2021-04-27 12:21 AM
Hi Winfried, thanks for your reply. I understand how the BLE stack keys are stored. My question is if I want to add application level encryption (encrypt data before writing them to a characteristics). Is it possible to store my own keys in the same reserved area? How can I program them individually in production without rebuilding the firmware each time?