Skip to main content

Security Schemes

This page describes the security/authentication mechanisms in use by the protocol.

Background

Each coordinator and device are required to have a public/private key pair, using an elliptic curve.

Association

There are several association key derivation schemes supported.

Key Based

In this scheme, the device will authenticate using its device key. The coordinator and device negotiate a shared session key (using ECDH, with their known public keys) to encrypt and authenticate all subsequent messages.

As part of the association, the coordinator issues a challenge (a random 32-byte blob) the device must sign with its device private key (using EdDSA/Ed25519) and return to the coordinator before being allowed on the network. 

Passphrase Based

This scheme is used when performing over-the-air pairing for a peripheral.

A session key is negotiated with the coordinator by using ECJ-PAKE, with the pairing code as the input.