Sequence Number and IV Index
A Nonce is a number which may only be used once. Each time a message is encrypted, it is given a new nonce value. The nonce has various parts to it, including a sequence number and a value known as the IV Index. To ensure nonce values are unique for each new message encryption, the sequence number inside a nonce must not be allowed to wrap around while the IV Index remains unchanged.
The sequence number is a 24-bit value that allows an element to transmit 16,777,216 messages before repeating a nonce. If an element transmits a message on average once every second, then these sequence numbers would be exhausted after 194 days. To enable a mesh network to operate for longer periods of time than the sequence number space allows, an additional 4-octet value called the IV (Initialization Vector) Index is defined that is included in the security nonce.
The IV Index is a 32-bit value that is a shared network resource (that is, all nodes in a mesh network share the same IV Index value and use it for all subnets they belong to). Its purpose is to provide entropy (randomness) in the calculation of message Nonce values. At the same frequency of one message every second, the lifetime of the network using the IV Index would measure in billions of years.
Read the Bluetooth Mesh Profile Specification v1.0.1 for further information.
Before the sequence number approaches the maximum value (0xFFFFFF), the element updates the IV Index using the IV Update procedure. The IV Index starts at 0x00000000 and is incremented during the IV Update procedure.
Sequence Number Increments
Each element increases the sequence number by one for every Network Protocol Data Unit (PDU) sent out to the network. The sequence number must be stored in non-volatile memory to ensure the sequence numbers that have been used will not be reused. However, writing every sequence number increment to flash memory is likely too many writes and would probably wear out the flash memory during the lifetime of a product. How this is solved depends on the Bluetooth mesh stack implementation.
In our implementation, the stack stores the sequence number in flash memory at a fixed interval when the sequence number is a multiple of a configurable value. Given that a device may lose power unexpectedly during the interval, the stored sequence number may be behind the sequence number actually used last, and using the stored value directly would lead to sequence number reuse. To avoid using the sequence numbers that have been used, the stack increases the stored sequence number by the configured interval value on a reset. The stack won’t increase the sequence number if the increment of the stored sequence number was 0.
The stack will not transmit any Network PDUs from an element if its sequence number has reached the max value 0xFFFFFF. A node should initiate the IV Update procedure whenever it determines it is at risk of exhausting its sequence number values within a maximum of 96 hours, or if it determines that another node is in this situation.
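The interval-based persistence, the reset handling and the exhaustion checks described in this section, shown in C. This is an added example, not code from the stack this page documents; `seq_ctx_t`, the function names, the in-memory `flash_seq` stand-in for flash and the `pdus_per_hour` rate estimate are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

#define SEQ_MAX 0xFFFFFFu /* 24-bit sequence number space */

typedef struct {
    uint32_t next;      /* next sequence number to hand out (RAM only) */
    uint32_t interval;  /* configured persistence interval, must be >= 1 */
    uint32_t flash_seq; /* stand-in for the value kept in flash */
} seq_ctx_t;

/* Boot path: resume one full interval past the stored value, because up to
 * interval - 1 later numbers may have been used before power was lost. */
void seq_restore(seq_ctx_t *c, uint32_t stored, uint32_t interval) {
    uint32_t resumed = stored + interval;
    c->interval = interval;
    c->flash_seq = stored;
    c->next = resumed > SEQ_MAX ? SEQ_MAX : resumed;
}

/* Allocate the sequence number for one Network PDU. Returns false once the
 * maximum is reached; the caller must not transmit in that case. */
bool seq_alloc(seq_ctx_t *c, uint32_t *out) {
    if (c->next >= SEQ_MAX)
        return false;
    if (c->next % c->interval == 0)
        c->flash_seq = c->next; /* persist before the number goes on air */
    *out = c->next++;
    return true;
}

/* True when the remaining numbers last 96 hours or less at pdus_per_hour. */
bool seq_exhaustion_risk(const seq_ctx_t *c, uint32_t pdus_per_hour) {
    return (uint64_t)(SEQ_MAX - c->next) <= (uint64_t)pdus_per_hour * 96u;
}

/* Constructed scenario: a fresh element sends `sent` PDUs, loses power and
 * reboots. Returns the first sequence number used after the reboot. */
uint32_t first_seq_after_power_loss(uint32_t interval, uint32_t sent) {
    seq_ctx_t c = { 0, interval, 0 };
    uint32_t seq = 0;
    for (uint32_t i = 0; i < sent; i++)
        seq_alloc(&c, &seq);
    seq_restore(&c, c.flash_seq, interval); /* RAM copy of `next` is gone */
    seq_alloc(&c, &seq);
    return seq;
}
```

With an interval of 100 and 150 PDUs sent, flash holds 100 at power loss and the element resumes at 200, so numbers 101 to 149 are never reused; the cost is up to one interval of skipped sequence numbers per reset.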
IV Update Procedure
The IV Update procedure should be performed before the sequence number is exhausted. The procedure updates the IV index to a new value that will be used for subsequent communication in the mesh network. Once the IV Update procedure completes, the sequence number is reset to 0 on every element of every node in the network.
The IV Update procedure is initiated by any node in a primary subnet. If a node on a primary subnet receives an update on the primary subnet, it propagates the IV update to all other subnets. If a node on a primary subnet receives an IV update on any other subnet, the update is ignored.
The IV Index is shared within a mesh network via Secure Network beacons. IV updates received on a subnet are processed and propagated to that subnet. The propagation happens by the node transmitting Secure Network beacons with the updated IV Index for that particular subnet. A node that receives an IV update may or may not be able to update its IV index depending on the IV Update procedure state and the time since the last IV update.
When a node is added to a mesh network, it is in the Normal Operation state. During the Normal Operation state, the IV Update Flag in the Secure Network beacon and in the Friend Update message is set to 0.
After 96 hours of operating in the Normal Operation state, a node may initiate the IV Update procedure by transitioning to the IV Update in Progress state. When a node transitions from the Normal Operation state to the IV Update in Progress state, the IV Index on the node is incremented by one.
During the IV Update in Progress state, the IV Update Flag in the Secure Network beacon and in the Friend Update message is set to 1.
If a node in the Normal Operation state receives a Secure Network beacon with the IV Update Flag set to 1 and an IV index equal to its current IV index + 1, it transitions to the IV Update in Progress state and updates its current IV index.
After at least 96 hours and before 144 hours of operating in the IV Update in Progress state, the node transitions back to the Normal Operation state and resets its sequence number to 0x000000.
A node must not start an IV Update procedure more often than once every 192 hours.
Read Section 3.10.5 of the Bluetooth Mesh Profile Specification v1.0.1 for further information.
IV Index Recovery Procedure
If a node is absent from a mesh network for a period of time, it may have missed IV index updates and is not able to communicate with other nodes. In this case, the node can scan for a Secure Network beacon, which contains the Network ID and the current IV Index, to recover the IV index. The IV Index Recovery procedure sets the current IV index and the IV Update procedure state of a node from the values in the Secure Network beacon.
If a node in the Normal Operation state receives a Secure Network beacon with an IV index greater than its current IV index + 1, it may initiate an IV Index Recovery procedure.
If a node in the Normal Operation state receives a Secure Network beacon with the IV Update Flag set to 0 and an IV index equal to its current IV index + 1, it may update its IV index without going to the IV Update in Progress state, initiate an IV Index Recovery procedure, or ignore the Secure Network beacon. The node makes the choice depending on the time since the last IV update.
After the IV Index Recovery procedure has updated the IV Index, the 96-hour time limits for changing the IV Update procedure state, as defined in the IV Update procedure, do not apply.
A node must not execute more than one IV Index Recovery procedure within a period of 192 hours.
If a node in the Normal Operation state receives a Secure Network beacon with an IV index less than its current IV index or greater than its current IV index + 42, it ignores the Secure Network beacon. This allows a node to be away from the mesh network for 48 weeks. A node that is away from a network for longer than 48 weeks must be reprovisioned.
Read Section Bluetooth Mesh Profile Specification v1.0.1 for further information.
IV Update Procedure Example
A summary of the IV Update procedure is provided in the table below.
IV Index | IV Update Flag | IV Update Procedure State | IV Index Accepted | IV Index used when transmitting |
---|---|---|---|---|
n | 0 | Normal | n-1, n | n |
m (m=n+1) | 1 | In Progress | m-1, m | m-1 |
m | 0 | Normal | m-1, m | m |
The following example illustrates the transition of the IV Update procedure state and IV index updates in the IV Update procedure. It will help explain the table above. You will also see from this example that the nodes before, during and after the IV Update procedure are able to communicate based on their Tx and Rx IV indices.
1. Node A and B are in the Normal Operation state and have the IV index 80 (n = 80, IV Update Flag = 0).
2. Node A initiates the IV Update procedure and then Node B performs the IV Update procedure (m = 81, IV Update Flag = 1).
   a) Node A transitions to the IV Update in Progress state and increments its IV index by 1.
   b) Node B receives a Secure Network beacon with IV index = 81 and IV Update Flag = 1, transitions to the IV Update in Progress state and increments its IV index by 1.
3. Node A and B transition to the Normal Operation state (m = 81, IV Update Flag = 0).
   a) Node A transitions to the Normal Operation state.
   b) Node B receives a Secure Network beacon with IV index = 81 and IV Update Flag = 0 and transitions to the Normal Operation state.
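
The beacon rules from the IV Update and IV Index Recovery sections, together with the accepted and transmit IV index columns of the table, expressed in C. This is an added example, not part of the original page or the stack's code; the type and function names are hypothetical, the 96, 144 and 192 hour limits are left out, and beacon combinations the page does not describe return `ACT_NONE`.

```c
#include <stdbool.h>
#include <stdint.h>

typedef enum { IV_NORMAL, IV_IN_PROGRESS } iv_state_t;
typedef struct { uint32_t iv; iv_state_t state; } iv_node_t;

typedef enum {
    ACT_NONE,                     /* no rule on this page applies */
    ACT_IGNORE,                   /* older index, or more than 42 ahead */
    ACT_ENTER_IN_PROGRESS,        /* flag = 1, index = current + 1 */
    ACT_UPDATE_RECOVER_OR_IGNORE, /* flag = 0, index = current + 1 */
    ACT_MAY_RECOVER,              /* index in current + 2 .. current + 42 */
    ACT_RETURN_TO_NORMAL          /* In Progress node, flag = 0, same index */
} beacon_action_t;

/* Table column "IV Index used when transmitting". */
uint32_t iv_tx_index(const iv_node_t *n) {
    return n->state == IV_IN_PROGRESS ? n->iv - 1 : n->iv;
}

/* Table column "IV Index Accepted": the current index or the one before. */
bool iv_rx_accepts(const iv_node_t *n, uint32_t iv) {
    return iv == n->iv || (n->iv > 0 && iv == n->iv - 1);
}

/* Decide what a received Secure Network beacon means for node n. */
beacon_action_t classify_beacon(const iv_node_t *n, uint32_t iv, bool flag) {
    uint64_t cur = n->iv; /* 64-bit so that cur + 42 cannot wrap */
    if (n->state == IV_IN_PROGRESS)
        return (iv == cur && !flag) ? ACT_RETURN_TO_NORMAL : ACT_NONE;
    if (iv < cur || iv > cur + 42)
        return ACT_IGNORE;
    if (iv == cur)
        return ACT_NONE;
    if (iv == cur + 1)
        return flag ? ACT_ENTER_IN_PROGRESS : ACT_UPDATE_RECOVER_OR_IGNORE;
    return ACT_MAY_RECOVER;
}

/* Apply the two transitions that the example above walks through. */
iv_node_t apply_action(iv_node_t n, beacon_action_t a) {
    if (a == ACT_ENTER_IN_PROGRESS) { n.iv += 1; n.state = IV_IN_PROGRESS; }
    if (a == ACT_RETURN_TO_NORMAL)  { n.state = IV_NORMAL; }
    return n;
}
```

Replaying the example, a node at index 81 in the IV Update in Progress state still transmits with 80, which a node that has not yet moved off index 80 accepts; once the first node is back in Normal Operation it transmits with 81, which only nodes that have already moved to 81 accept.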