Skip to main content

BLE Pairing vs Bonding

BLE pairing vs. bonding


Just a quick write up on the difference between pairing and bonding, since these terms get used interchangeably. I think this has to do with the usage of ‘pairing’ in Bluetooth Classic, or BR/EDR.
As far as Bluetooth LE is concerned, pairing and bonding are two very distinct things. The short explanations are that pairing is the exchange of security features each device has, and creating temporary encryption. Bonding is the exchange of long term keys AFTER PAIRING HAS OCCURRED, and STORING THOSE KEYS FOR LATER USE. Pairing is not the creation of permanent security between devices, that  is called bonding. Pairing is the mechanism that allows bonding to occur.
Pairing
Pairing is the exchange of security features. This includes things like i/o capabilities, requirement for man-in-the-middle protection, etc. The client side begins this exchange. The client essentially says ‘hey, i’d like it if you had these features’. The server replies, ‘yeah, well, this is what I can do’. Once this exchange is made, the security that will be used has been determed. For example, if a server supports just noInput/noOutput for i/o capabilities, the Just Works pairing mechanism is going to be used.
Once the pairing feature exchange is complete, a temporary security key is exchanged and the connection is encrypted, but only using the temporary key. In this encrypted connection, long term keys are exchanged. These keys are things like the (long term) encryption key to encrypt a connection, and also things like a digital signature key. The exact keys exchanged are determined by the security features of each device.
Bonding
This really just means that after the pairing features exchange and the connection has been encrypted (these two together are called ‘pairing’), and keys have been exchanged, the devices STORE and USE those keys the next time they connect. Keys can be exchanged using the bonding procedure, but that does not mean they are bonded if the keys are not stored and used the next time.
If a device is bonded with another device, like a heart rate monitor and a smartphone, they can encrypt the connection without exchanging any sensitive security information. When the smartphone connects to the heart rate monitor, it can just issue a ‘turn on encryption’ request, and both sides will use the keys already stored, so nobody snooping can see a key exchange and therefore decode the messages being sent, as is done when pairing.

Hope that clarifies!

Comments

Popular posts from this blog

The One Thing Nobody Has Told You About The Samsung Galaxy S8

The Samsung Galaxy S8 is about the first smartphone to feature Bluetooth 5, the latest standard of the wireless transmission technology. The Sony Xperia Z Premium will also have it, but it’s not due for a while yet. So what, you say? Well, it’s pretty neat and has plenty of new features, such as being twice as fast as the previous version, four times the range range (1000 feet) and more, providing you have devices capable of making the most of it. This has allowed Samsung to come up with something it calls Bluetooth Dual Audio, specified by Samsung on its website but hardly reported. And Bluetooth Dual Audio is even cooler. If you have memories of sharing earbuds with someone special so you can both listen to the same track, those memories are probably warm and rosy, tempered only by the lack of stereo available to both parties. So how much better would it be if you could both connect your own Bluetooth headphones to the same phone at the same time and stream the music to...
What’s new in Android 7.1 Nougat? Check out the video below for a quick rundown of the new Android 7.1 Nougat features. For clarification purposes, a distinction needs to be made between the Android 7.1 version found on the new Google Pixel phones and the Android 7.1 update coming to Nexus devices. For starters, the Nexuses don’t inherit the Pixel Launcher, so no Google Assistant, parallax wallpaper effect or the new wallpaper picker. Furthermore, some hardware-related features like the Pixels’ fingerprint scanner gesture controls and Night Light (aka Night Mode) also  won’t be coming to Nexus devices . A note on the Android 7.0 review Android 7.0 will be very familiar to anyone that has seen the latest Android N developer preview. Anyone that saw the Android N developer previews will no doubt see a lot of familiar Android Nougat features here. The builds are so similar that if you were running Android N dev preview 5, the official OTA for ...