OOD | CΛTΞИCOΔΞ

/ˌuː uː ˈdiː/

n. "Bluetooth Secure Simple Pairing method exchanging cryptographic data via NFC or QR unlike legacy PIN entry."

OOD, short for Out Of Band, provides high-security Bluetooth pairing by communicating authentication data through secondary channel (NFC, audio, visual) rather than vulnerable radio link—devices exchange public keys/nonces via NFC tap while Bluetooth LE simultaneously negotiates session keys, preventing man-in-the-middle attacks impossible over single 2.4GHz medium. Contrasts PIN's shared-secret weakness by leveraging physical proximity verification through alternate physics.

Key characteristics of OOD include: Dual-Channel simultaneous NFC + Bluetooth LE key exchange; MITM Protection attacker lacks physical NFC access during pairing window; Static/Dynamic Keys NFC NDEF payload carries TK (Temporary Key) or public keys; No User IO suitable for headless IoT pairing; Association Models NFC Forum pairing complements Bluetooth SSP.

Conceptual example of OOD usage:

/* NFC NDEF OOB data for BLE Secure Connections */
typedef struct {
    uint8_t tk;           // Temporary Key (128-bit)
    uint8_t confirm;      // Confirmation value
    uint8_t rand;         // Nonce
    bd_addr_t peer_addr;      // Remote BD_ADDR
} ble_oob_data_t;

void nfc_oob_pairing() {
    // NFC reader/writer exchanges OOB data
    ble_oob_data_t oob_rx, oob_tx;
    
    nfc_write_ndef(&oob_tx);      // Tag writes TK+confirm+rand
    nfc_read_ndef(&oob_rx);       // Phone reads peer OOB
    
    // Bluetooth LE uses OOB data for pairing
    gap_set_oob_data(&oob_rx);
    ble_pairing_start(LE_SC_OOB);
    
    // Verify confirm values over BLE match NFC exchange
    if (memcmp(oob_rx.confirm, expected_confirm, 16) == 0) {
        // MITM-resistant pairing complete
        bond_device(oob_rx.peer_addr);
    }
}

Conceptually, OOD splits pairing across physics—NFC proximity proves device identity while Bluetooth LE derives session keys from exchanged nonces/public keys, creating bond impossible for remote eavesdroppers lacking physical access. Enables "tap-to-pair" wearables/IoT where PIN entry impossible; contrasts AFH spectrum adaptation by securing association before TDMA/FHSS traffic flows.

Software

Design

Methodology