4.2 Validation of Elliptic Curve Parameters
Researchers at the Israel Institute of Technology identified a security vulnerability in two related
Bluetooth features: Secure Simple Pairing and LE Secure Connections.
The PAN1026A supports these features but does not perform public key validation during the
pairing procedure. As a result, connections between devices could be vulnerable to a
man-in-the-middle attack that would allow for the monitoring or manipulation of traffic.
To remedy the vulnerability, the Bluetooth SIG has now updated the Bluetooth specification to
require products to validate any public key received as part of public key-based security
procedures. In addition, the Bluetooth SIG has added testing for this vulnerability within the
Bluetooth Qualification Program.
The necessary procedures are included starting with the release of the Toshiba Bluetooth SDK
version 4.2.2. Further information is given in the document
Toshiba_Bluetooth_Platform_Errata.pdf, which is contained in the SDK.
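The public key validation required by the updated specification comes down to checking that the received point lies on the curve. The following is an added example, not code from the Toshiba SDK or from this guide; it assumes the NIST P-256 curve used by LE Secure Connections and a 64-byte key laid out as X then Y, each little-endian, and all function names are hypothetical.

```python
# Added example, not Toshiba SDK code: validate a peer public key before ECDH.
# Assumption: NIST P-256, curve equation y^2 = x^3 - 3x + b (mod p).
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
# Base point G of P-256, used below only as a known valid sample key.
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5


def is_valid_public_key(x: int, y: int) -> bool:
    """Return True only if (x, y) is a point on P-256.

    Both coordinates must be reduced field elements, and the pair must
    satisfy the curve equation. P-256 has cofactor 1, so every affine
    point on the curve is in the correct group and no extra subgroup
    check is needed. The point at infinity has no affine encoding.
    """
    if not (0 <= x < P and 0 <= y < P):
        return False
    return (y * y - (x * x * x + A * x + B)) % P == 0


def parse_peer_key(raw: bytes) -> tuple[int, int]:
    """Split a 64-byte key into integers (assumed layout: X || Y, little-endian)."""
    if len(raw) != 64:
        raise ValueError("public key must be exactly 64 bytes")
    return int.from_bytes(raw[:32], "little"), int.from_bytes(raw[32:], "little")


def accept_peer_key(raw: bytes) -> bool:
    """Gate for the pairing code: reject the key unless it validates."""
    try:
        x, y = parse_peer_key(raw)
    except ValueError:
        return False
    return is_valid_public_key(x, y)


if __name__ == "__main__":
    # Constructed sample input: the base point as a valid key, then the
    # same key with its Y coordinate altered in transit.
    good = GX.to_bytes(32, "little") + GY.to_bytes(32, "little")
    altered = GX.to_bytes(32, "little") + ((GY + 1) % P).to_bytes(32, "little")
    print("valid key accepted:  ", accept_peer_key(good))
    print("altered key accepted:", accept_peer_key(altered))
```

Pairing should be aborted whenever the check fails, before the received key is used to derive any shared secret.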
4.3 Unique MAC/Bluetooth Address
The PAN1026A has a preprogrammed address in the EEPROM that needs to be copied into the
RAM during initialization. Three TCU commands are needed for this. Below is an
example with the individual address 00 13 43 00 00 1A.
1. Enter the address: 01 08 FC 0B 00 A0 00 00 00 14 5B FF 02 03 01.
The result is: 04 FF 0A 08 00 A0 00 00 00 14 5B 00 00.
2. Read the Bluetooth address from E2PROM:
01 08 FC 10 00 A1 00 00 00 14 88 FF 10 06 A0 01 01 06 02 00.
The result is:
04 FF 11 08 00 A1 00 00 00 14 88 00 10 06 00 13 43 00 00 1A.
3. Set the address into RAM: 01 13 10 06 1A 00 00 43 13 00.
The result is: 04 0E 04 04 13 10 00.
Design Guide Rev. 1.1
To ensure that the end product operates according to the Bluetooth
specification, the customer application has to follow the above-mentioned
instructions.
The Bluetooth address marked in bold is the original one and must be byte-swapped
before it is written into the RAM of the module, for example so that it is
visible in a Bluetooth inquiry.
PAN1026A Bluetooth Module
4 Software Related Documents Summary