Is "Just Works" allowed in BLE Secure Connections Only Mode (Mode 1 Level 4)?
Assuming the pairing request from central to peripheral looks like this:
Then the pairining would use Secure Connection, but with the Authentication Method "Just Works" because of the IO-Capabilites of the initiating device.
My question is: Can this connection still be considered Mode 1 Level 4 aka. SCO?
Solution
Found the answer:
According to this table, when at least one device has the MitM-bit set, neither of them has the OOB bit set and the initiating device has NoInputNoOutput as its IO-capabilites, then JustWorks Unauthenticated will be used. This means, that it is not an authenticated pairing, therefore it does not fulfilll the requirements for being mode 1 level 4 and the state of being can not be called "Secure Connections Only Mode"
- When should I use the deny access functions in Symfony 4.4 controllers?
- Install two traefik ingress controller on same kubernetes Cluster
- Logon events from within credential provider
- How to give access to my API for a mobile app?
- How to verify a JWKS's integrity and authenticity
- Changes in the front-end (Vue.js) part of the PatrolHears project (open source code)
- What TargetName to use when calling InitializeSecurityContext (Negotiate)?
- java.security.NoSuchAlgorithmException:Cannot find any provider supporting AES/ECB/PKCS7PADDING
- Which procedure is more secure for encryption using Password and Seed
- Source security group isn't working as expected in AWS
- Google Authenticator available as a public service?
- Where do you store your salt strings?
- Can other software programs deny access to data sealed in a PCR of a TPM by extending measurements to that PCR?
- How do I skip certains rules for parameter in a path in ModSecurity?
- Facebook image URLs - how are they kept from un-authorised users?
- How to serve attachments privately using Rails?
- java.lang.SecurityException: Permission Denial: starting Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER]
- <app> would like to access data from other apps - macOS Sonoma
- IdentityServer4 and SSO
- How to prevent Screen Capture in Android
- Prevent QR code from being copied and QR code should be scanable by my mobile app only
- How to pin the Public key of a certificate on iOS
- Preventing to send requests from different devices
- Clarification regarding SOC-2 compliance in multiple locations
- Difference between processes running in kernel mode and running as root?
- How can I make a file trully immutable (non-deletable and read-only)?
- Is my password safe in a pyinstaller .exe?
- Flask File Handling: Werkzeug Vs Flask-Uploads
- Symfony Voter constant usages
- Threat detection with Sysmon .csv log using Sigma Rules