When is the peer LTK (Long Term Key) generated? Exchanged? Changed?
1 of 1 people found this helpful
LTK is generated once during the bonding, saved in the NVRAM and used during consecutive connection it encrypt the link. The same applies to IRK which is used to perform address resolution. Please note that peripheral application really does not need to know about the address resolution. When client connects it can just verify that device is bonded and/or start pairing if it is not the case. Following code snippet is from the hello_sensor in 2.0 SDK
// as we require security for every connection, we will not send any indications until
// encryption is done.
if (bleprofile_p_cfg->encr_required != 0)
ble_trace0("device not bonded");
blesmp_pinfo->pairingParam.AuthReq |= LESMP_AUTH_FLAG_BONDING;