The Bluetooth Low Energy (BLE) communication model provided by the Digi IoT Mobile SDK exposes a secured communication channel between the Digi device and the smartphone. This means that, before sending or receiving any data, the client (the smartphone, in this case) needs to authenticate and unlock communication with the Digi device.
The security layer is an implementation of the Secure Remote Password (SRP) algorithm, a cryptographic authentication protocol that enables secure password-based authentication between a client and a server without transmitting the actual password. The authentication password must be the same on both the Digi device and the mobile app. Once authentication is complete, all communication between the smartphone and the Digi device is encrypted following the AES-256-CTR specification.
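The SRP flow described above, as an added example that is not Digi's library code: a minimal SRP-6a exchange showing that both sides derive the same 32-byte key (the size AES-256 requires) while only the salt and the public values A and B cross the link. The group (RFC 5054, 1024-bit), SHA-256, the user name and the key derivation are assumptions; the page does not state the parameters the SDK uses.

```python
import hashlib
import secrets

# Assumed parameters (not from the page): RFC 5054 1024-bit group, SHA-256.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3",
    16)
g = 2
WIDTH = (N.bit_length() + 7) // 8

def pad(n):
    return n.to_bytes(WIDTH, "big")

def H(*parts):
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")

k = H(pad(N), pad(g))  # SRP-6a multiplier

def private_x(salt, user, password):
    # x = H(salt | H(user ":" password)); only ever computed from the password
    return H(salt, hashlib.sha256(user + b":" + password).digest())

def enroll(user, password):
    """Device side, done once: keep salt and verifier, never the password."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(salt, user, password), N)

def handshake(user, typed_password, salt, verifier):
    """Run one exchange in-process; return (client_key, device_key)."""
    a = secrets.randbelow(N - 1) + 1        # client ephemeral secret
    b = secrets.randbelow(N - 1) + 1        # device ephemeral secret
    A = pow(g, a, N)                        # sent client -> device
    B = (k * verifier + pow(g, b, N)) % N   # sent device -> client, with salt
    if A % N == 0 or B % N == 0:
        raise ValueError("illegal public value, abort the handshake")
    u = H(pad(A), pad(B))
    x = private_x(salt, user, typed_password)
    S_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    S_device = pow(A * pow(verifier, u, N) % N, b, N)
    # Hash the shared secret down to 32 bytes (assumed key derivation).
    return tuple(hashlib.sha256(pad(S)).digest() for S in (S_client, S_device))
```

With a mismatched password the two keys differ, so a real implementation rejects the session when the proof messages exchanged after this step fail to verify.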
BLE security in the ConnectCore device
The Digi ConnectCore BLE Python library of the Digi IoT Mobile SDK already implements the SRP protocol. This means that all BLE Python applications that use this library include this security layer by default. The only thing you need to do in the Python application is configure the authentication password.
Configure the authentication password
from digi.ccble.service import ConnectCoreBLEService
# Instantiate the ConnectCore BLE service.
cc_ble_service = ConnectCoreBLEService.get_instance()
# Change the authentication password.
cc_ble_service.set_password("New password")
# Start the service.
cc_ble_service.start()
BLE security in the XBee device
The firmware running on XBee devices already includes a built-in implementation of the SRP protocol for secure and encrypted communication. The only thing you need to do is configure the authentication password, as explained in "Enable and configure the BLE interface".
BLE security in the mobile application
The Digi IoT Library for .NET MAUI of the Digi IoT Mobile SDK already implements the SRP protocol, making the authentication and encryption processes transparent when connecting with a device. The only thing you need to do is provide the BLE authentication password when instantiating any Digi device class.
Instantiate a Digi BLE device using the Bluetooth MAC and password
DigiBLEDevice myDigiBLEDevice = new DigiBLEDevice("00:00:00:00:00:00", "password");
After opening the connection with the device, the Digi IoT Library for .NET MAUI executes the entire authentication process in the background and encrypts and decrypts the data when communicating with the Digi device.