Four Ways to Pair Bluetooth Devices

Turn on the Bluetooth of the mobile phone/watch, you can see the scanned Bluetooth in the list, and click to realize the pairing function. In some cases, the Bluetooth pairing needs to enter the pin code, how many types of Bluetooth device pairing are there?

SSP (Secure simple pairing), pairing methods after Bluetooth 2.0, there are four types of simple and secure pairing, among which Out of Band is rarely used, as follows:

Numeric Comparison

Both sides of the pairing display a 6-digit number, and the user checks whether the numbers are consistent, and input Yes/No. Yes on both ends means they are consistent and they can be paired, which can prevent man-in-the-middle attacks.

Usage scenarios: Devices at both ends can pop up 6-digit decimal numbers, and have yes and no buttons.

Passkey Entry

The pairing target enters a 6-digit number displayed on the local device, and the input is correct to pair and prevent man-in-the-middle attacks.

Usage scenario: One end device can display, and the other end device can input.

Just Works

No authentication is performed, and man-in-the-middle attacks cannot be prevented. It is used for pairing devices that do not display any input and can be paired by actively initiating a connection. The user cannot see the pairing process and cannot prevent man-in-the-middle attacks, such as connecting a Bluetooth headset.

Usage scenario: It is used for devices that cannot display 6-digit random numbers or input them.

Out of Band

The two devices exchange pairing information through other means, such as some NFC Bluetooth speakers.

These four pairing modes require secure encryption for Bluetooth connections in both Classic and LE, which involve the key generation and identity authentication, and the interaction in this process is completed through pairing.

1. The four pairing methods in Classic are the four modes in SSP simple pairing. The Bluetooth pairing process mainly prevents two kinds of attacks, MITM (man-in-the-middle (MITM)) man-in-the-middle attack and passive eavesdropping passive listening attack. All four pairings, except JUSTWORK, prevent both attacks. Since JUSTWORK does not involve human-computer interaction, it cannot prevent MITM man-in-the-middle attacks. (Insert a sentence, the traditional Bluetooth PIN CODE pairing method is derived from these four SSP simple pairing methods because it cannot prevent passive monitoring attacks (exhaustive PIN codes).)

2. LE pairing in BLE is divided into LE LEGACY pairing method in version 4.0 and BLE Secure Connection pairing method introduced in BLE4.2 version. In the former LEGACY, there are three pairing methods, JUSTWORK, PASSKEY ENTRY, and OOB. JUSTWORK still cannot prevent MITM. In addition, due to the defect of the key generation method, the LE LEGACY pairing method cannot prevent passive monitoring attacks (OOB can be prevented because the use of Non-air transmission interaction) Because of this, the BLE4.2 version also introduced Secure connection into BLE (why, because there is also a SECURE CONNECTION method in CLASSIC mode...), BLE Secure connection and CLASSIC's SSP use the same ECDH encryption method, so the security is restored to the same level, which can prevent passive monitoring attacks. BLE SECURE CONNECTION pairing has four more pairing modes, JUSTWORK, PASSKEY ENTRY, NUMERIC COMP., and OOB, which are also similar to SSP, JUSTWORK cannot prevent MITM