1. 24
    1. 5

      Thanks! I looked into using BLE for P2P a few years ago, but only found the key-value API, not L2CAP. It’s good to know we can open real streams.

      You don’t need a PKI infrastructure to use mutual TLS: you can just create your own self-signed certs on device and use those. The APIs are ugly but it’s doable.

      NOISE is a security protocol framework so AFAIK you can’t just drop it into your code without doing some configuration. What I use instead is SecretHandshake, a simple protocol used by Secure Scuttlebutt. It does mutual auth of a pair of Ed25519 key-pairs and produces shared secrets you can use as symmetric keys to encrypt the stream.

      1. 1

        SHS was invented, mostly, because TLS 1.3 didn’t exist yet. I also very much like the explicit pinning it does but yes, you can also configure that with NOISE.

      2. 1

        I wonder how well it works on Android when the phone is locked.

        1. 2

          Somewhat out-of-date answer: pretty well, though it varies by OEM what power saving parameters they put in place. There aren’t any special Bluetooth specific controls like iOS. Traditionally the reliable way to keep something alive constantly is a foreground service, but Android has since added new background usage settings for apps and I’m no longer sure what the state of the art is, sorry.