Under construction.png Coming soon

1. STM32WB-WBA - Bluetooth® Low Energy (BLE) Privacy

The STM32WB-WBA - Bluetooth® Low Energy (BLE) privacy feature reduces the ability to track a device over a period of time by changing the device address on a frequent basis.

The address of a device using privacy mode can be resolved using the Identity Resolving Key (IRK) which is one of the encryption keys exchanged during the pairing process.
The local device will add the remote devices in one Resolving list (to maintain remote device identity addresses) along with that IRKs and enables the Resolution, sets privacy mode and connects to the remote device with remote identity address.

2. STM32WB-WBA - Bluetooth® Low Energy (BLE) Addresses and Privacy

Bluetooth® Low Energy (BLE) devices have an identity address associated with each device.
A Bluetooth® Low Energy (BLE) address is a 48-bit value that uniquely identifies a Bluetooth® Low Energy (BLE) device.

There are two main types of Bluetooth® Low Energy (BLE) addresses: public and random addresses.

A Bluetooth device must use one of these types of addresses, and in some cases, it contains both types.

Bluetooth® Low Energy (BLE) Address types
Connectivity Privacy BLE addr types.png

The four Bluetooth address types are:
- Public Address
- Random Static Address
- Random Private Resolvable Address
- Random Private Non-Resolvable Address
Random Address and Private Address, as shown in the diagram, are simply classifications.

2.1. Public Address

The following diagram represents the simplified format of a Public Bluetooth® Low Energy (BLE) Address.

Bluetooth® Low Energy (BLE) Public Address
Connectivity BLE public addr.png

- Company ID: the publicly assigned portion of the address by the IEEE (MSB)
- Company Assigned: the internally assigned ID as part of the allocated block (LSB)

2.2. Random Address

Random addresses do not require registration with the IEEE.

A Random address is an identifier that is either:
- programmed into the device or
- generated at runtime (depending on the subtype).
The two subtypes of Random addresses are:
- Random Static Address
- Random Private Address

2.3. Random Static Address

This specific type of Bluetooth address serves as a popular alternative to Public addresses since there are no fees involved with using it.

Random Static Addresses can be used in one of two ways:

- It can be assigned and fixed for the lifetime of the device
- It can be changed at bootup
However, it cannot be changed during runtime.

The format of Random Static Addresses looks like this:

Bluetooth® Low Energy (BLE) Random Static Address
Connectivity BLE static random addr.png

- Bits 1 and 1 are fixed in the most significant bits (MSB)
- The remaining 46 bits are chosen randomly by the developer/manufacturer

There are two types of Random Private addresses:
resolvable and non-resolvable. Random Private addresses are used specifically for protecting the privacy of a Bluetooth device, to hide the identity, and to prevent tracking of the device.

2.4. Resolvable Random Private Address

The purpose of a Resolvable Random Private Address is to prevent malicious third-parties from tracking a Bluetooth device while still allowing one or more trusted parties from identifying the Bluetooth device of interest.

A Resolvable Random Private address is “'resolvable”' using a key shared with a trusted device.
This key is referred to as the IRK (Identity Resolving Key).

The address is originally generated using this IRK and a random number.

So, what makes a device “trusted” by another device?

In this case, a trusted device is a bonded device. Bonding is the optional step that takes place after the pairing of two BLE devices.
The Bonding process involves the storage of keys by each of the devices that are bonded with each other.
Bonding also allows the two devices to pair seamlessly in connection subsequent to the original connection when the two devices were paired.
One of the keys exchanged by the two bonded BLE devices is the IRK of each device involved.

This type of address changes periodically. The recommendation per the Bluetooth specification is to have it change every 15 minutes.

The format of Resolvable Private Addresses looks like this:

Bluetooth® Low Energy (BLE) Resolvable Private Address
Connectivity BLE resolvable random addr.png

- 0 and 1 are fixed in the most significant bits (MSB)
- The next 22 bits are randomly generated
- The prand constitutes of these most significant 24 bits
- The lower 24 bits represent a hash value which is generated using the prand and the IRK

2.5. Non-Resolvable Random Private Address

The other type of Random Private Address is the Non-Resolvable Random Private Address.

This type of address also changes periodically. However, unlike resolvable addresses, it is not resolvable by any other device.
The only purpose of this type of address is to prevent tracking by any other BLE device.

This type is not very common but is sometimes used in beacon applications.

The format of Non-Resolvable Random Private Addresses is as follows:

Bluetooth® Low Energy (BLE) Non Resolvable Private Address
Connectivity BLE non resolvable random addr.png

- bits 0 and 0 are fixed in the most significant bits (MSB) - The remaining 46 bits are chosen at random

3. How to use Resolvable Private Address (RPA)

In initialization sequence Ble_Hci_Gap_Gatt_Init in app_ble.c.

Set public address : aci_hal_write_config_data(CONFIG_DATA_PUBADDR_OFFSET,..).
Set static random address : aci_hal_write_config_data(CONFIG_DATA_RANDOM_ADDRESS_OFFSET,..).
One of these addresses will be chosen by the customer and is the proper address of the device.
Depending on the choice, it is defined with CFG_IDENTITY_ADDRESS in app_conf.h

This parameter is used in aci_gap_set_authentication_requirement and corresponds to SMP identity address type, which is now used as GAP identity address type when privacy is enabled.

Initialize the GAP layer. Register the GAP service with aci_gap_init.

3.1. First case - initialize the GAP layer with privacy enabled and use of the defined device address

aci_gap_init(CFG_PRIVACY = privacy_enabled)
Depending on the role of the device, to start advertising, scan request or connection request, Own_address_type must be set to RPA (0x02) (or NRPA (0x03)) which are allowed values when privacy is enabled.

For aci_gap_set_authentication_req(..,Identity_address_type = CFG_IDENTITY_ADDRESS) proper device address type is used.

As long as aci_gap_add_devices_to_resolving_list is not sent, the proper addess type is the used one.

3.2. Second case - initialize the GAP layer with privacy enabled and use of a Resolvable Private Address

aci_gap_init(CFG_PRIVACY = privacy_enabled)
Depending on the role of the device, to start advertising, scan request or connection request, Own_address_type must be set to RPA (0x02) (or NRPA (0x03)) which are allowed values when privacy is enabled.

Now send aci_gap_add_devices_to_resolving_list(peer_identity_address_type equals to 0 or 1, Peer_address could be whatever except NULL address)

For advertising, scan request or connection request, a RPA will be used.
But device is not yet known.

3.3. Third case - initialize the GAP layer with privacy enabled and use of a Resolvable Private Address after bonding

aci_gap_init(CFG_PRIVACY = privacy_enabled)
Depending on the role of the device, to start advertising, scan request or connection request, Own_address_type must be set to RPA (0x02) which is one of allowed values when privacy is enabled.

Initiate a connection, a pairing (bonding enabled).
Note that like in first case proper address of the device is used.

Disconnect the link.
Now send aci_gap_add_devices_to_resolving_list(Peer_identity_address_type and peer_address_type of the previously bonded device)
Peer_identity_address_type and peer_address_type can be get with aci_gap_get_bonded_devices.

Depending on the role of the device, to start advertising, scan request or connection request, Own_address_type must be set to RPA (0x02) which is one of allowed values when privacy is enabled.

For advertising, scan request or connection request, a RPA will be generated and could be resolved by devices added in resolving list.
Note that both devices need to be in privacy mode. Privacy is necessary to activate the address resolution in Link Layer.

4. First example: Connection between a smartphone and a STM32WB

4.1. first phase - initialize the GAP layer with privacy enabled, connection and bonding - use of public address

Connection and bonding - privacy enabled, use of public address

4.2. second phase - add device to resolving list

Add device to resolving list

5. Second example : Connection between two STM32WB

5.1. first phase - initialize the GAP layer with privacy enabled, connection and bonding. Use of static random address

Connection and pairing - privacy enabled, use of static random address

5.2. second phase - add device to resolving list

Add device to resolving list

6. STM32WB Privacy Application example

ST Bluetooth® Low Energy Privacy example[1]

6.1. References