0

According to the Bluetooth Specification, each Bluetooth (or more specifically BLE) device can have a public Bluetooth device address which corresponds to the IEEE-assigned MAC address (burned-in MAC address). A device manufacturer has to purchase a range of MAC addresses from IEEE and can then assign these MAC addresses to his devices. However, Bluetooth devices can also randomize their device address to tackle privacy issues. They can use either

  • a static random address,
  • a resolvable private random address, or
  • a non-resolvable private random address.

I am wondering whether it is actually necessary to purchase the Bluetooth device addresses from IEEE. In other words, what would be the benefit of doing so? Is it possible to simply not purchase public device addresses and instead just use random addresses in products in the market. Or would that lead to legal or licensing issues?

I appreciate your help very much!

David_B
  • 3
  • 1

1 Answers1

0

It's definitely possible to use static random address instead of public address. I guess most people do that.

Theoretically the only down sides are that with a small probability two random addresses might be the same, and you can't benefit from having your device addresses in a certain range (which could sometimes be useful).

Technically, Bluetooth stacks that fail to expose a proper API for connecting to a BLE device using address without prior scanning/bond, can lack the address type bit (public/random) so that the connection attempt does to the wrong address. This issue is currently present on Android.

Emil
  • 16,784
  • 2
  • 41
  • 52
  • So, you mean that not only technically it is possible to use random addresses w/o purchasing public ones, but also this would not lead to kind of licensing issues? Could you also explain your mentioned failure of BT stacks a bit more in detail? Especially I do not get how connecting to a device without prior scanning should be possible, if the respective address is missing? – David_B Dec 02 '21 at 10:04
  • See https://stackoverflow.com/a/43482099/556495. The address including the address type is technically 49 bits, but Android's API only allows you to input 48 bits. No there are no "IEEE licensing" restrictions on using random addresses, since IEEE has nothing to do with random addresses. – Emil Dec 02 '21 at 10:37