BTSecurityLevel (Compact 7)
3/12/2014
This enumeration lists security levels for connections between Bluetooth devices.
Syntax
typedef enum BTSecurityLevel {
    BTSecurityLevel_0,
    BTSecurityLevel_1,
    BTSecurityLevel_2,
    BTSecurityLevel_3
} BTSecurityLevel;
Elements
- BTSecurityLevel_0
Does not require that either device have I/O capability. The connection is not encrypted and does not generate a shared link key. This level is only permitted for Service Discovery Protocol (SDP) connections.
- BTSecurityLevel_1
Does not require that either device have I/O capability. The connection is encrypted if both devices support the Bluetooth specification V2.1 or higher. The connection is not encrypted if either device lacks support for V2.1.
- BTSecurityLevel_2
Might require I/O capability on one or both devices. The connection is encrypted, but does not offer any protection from man-in-the-middle attacks.
- BTSecurityLevel_3
Requires I/O or out-of-band authentication capability on both devices. The connection is encrypted and has some protection against man-in-the-middle attacks. This level is only possible between two devices that support V2.1 or higher.
Remarks
For a detailed description of the security levels and their usage, see "Security Database" in the Core Specification v2.1 + EDR on the Bluetooth web site.
The "Security Database" topic in the Core Specification v2.1 + EDR defines the default security level for connections. For example, applications can request security level 3 for a connection over radio frequency communication (RFCOMM) if man-in-the-middle (MITM) security is recommended, or they can request level 2 without MITM protection.
The only service allowed to use level 0 security is SDP, which does not use RFCOMM. Therefore, all RFCOMM-based services must use level 1 security or higher.
Two devices will not connect with each other unless both meet or exceed the security level that each requires. For example, say that device A requires a security level-3 connection to a given service, and device B requires a security level-2 connection to the same service and does not have any I/O or out-of-band capability. The two devices cannot connect because the user cannot interact with device B to authenticate a security level-3 connection, as device A requires.
The Bluetooth SIG recommends using security level 3 for services that exchange personal or confidential information, security level 0 for SDP service connections, and security levels 1 or 2 for other services.
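The following added example (not part of the original reference or of bt_api.h) models the connection rule from the Remarks together with the per-level properties listed under Elements. The `Endpoint` and `Outcome` types and the `max_achievable` and `evaluate` functions are hypothetical; treating level 2 as always reachable and refusing a level-0 request for a non-SDP service are modeling assumptions.

```c
#include <stdbool.h>
#include <stdio.h>

/* Mirrors the declaration on this page so the example builds without bt_api.h. */
typedef enum BTSecurityLevel {
    BTSecurityLevel_0, BTSecurityLevel_1, BTSecurityLevel_2, BTSecurityLevel_3
} BTSecurityLevel;

/* Hypothetical model of one endpoint; not a bt_api.h type. */
typedef struct {
    BTSecurityLevel required; /* level this device demands for the service */
    bool has_io_or_oob;       /* I/O or out-of-band authentication capability */
    bool supports_v21;        /* Bluetooth V2.1 or higher */
} Endpoint;

typedef struct { bool connects, encrypted, mitm_protected; BTSecurityLevel level; } Outcome;

/* Assumption: level 2 is always reachable; level 3 needs I/O or OOB and V2.1 on both sides. */
BTSecurityLevel max_achievable(const Endpoint *a, const Endpoint *b)
{
    bool both_auth = a->has_io_or_oob && b->has_io_or_oob;
    bool both_v21 = a->supports_v21 && b->supports_v21;
    return (both_auth && both_v21) ? BTSecurityLevel_3 : BTSecurityLevel_2;
}

/* The link must meet the stricter of the two requirements, or no connection is made. */
Outcome evaluate(const Endpoint *a, const Endpoint *b, bool is_sdp)
{
    Outcome r = { false, false, false, BTSecurityLevel_0 };
    BTSecurityLevel need = a->required > b->required ? a->required : b->required;
    if (need == BTSecurityLevel_0 && !is_sdp) return r; /* level 0 is SDP-only */
    if (need > max_achievable(a, b)) return r;          /* requirement cannot be met */
    r.connects = true; r.level = need;
    /* Level 1 encrypts only when both sides support V2.1; levels 2 and 3 always encrypt. */
    r.encrypted = (need == BTSecurityLevel_1) ? (a->supports_v21 && b->supports_v21)
                                              : (need >= BTSecurityLevel_2);
    r.mitm_protected = (need == BTSecurityLevel_3);
    return r;
}

int main(void)
{
    /* Constructed inputs: the device A / device B case from the Remarks. */
    Endpoint a = { BTSecurityLevel_3, true, true };
    Endpoint b = { BTSecurityLevel_2, false, true };
    Outcome r = evaluate(&a, &b, false);
    printf("connects=%d level=%d encrypted=%d mitm=%d\n", r.connects, (int)r.level, r.encrypted, r.mitm_protected);
    return 0;
}
```

In this model a level-1 requirement still connects to a peer that lacks V2.1 support, but the outcome reports the link as unencrypted.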
Requirements
Header: bt_api.h
See Also
Reference
Bluetooth Application Development Enumerations
BT_SSP_USER_CONFIRMATION_REQUEST_EVENT
BT_SSP_USER_PASSKEY_NOTIFICATION_EVENT