Bluetooth mesh networking


Bluetooth Mesh is a computer mesh networking standard based on Bluetooth Low Energy that allows for many-to-many communication over Bluetooth radio. The Bluetooth Mesh specifications were defined in the Mesh Profile and Mesh Model specifications by the Bluetooth Special Interest Group. Bluetooth Mesh was conceived in 2014 and adopted on.

Overview

Bluetooth Mesh is a mesh networking standard that operates on a flood network principle. It's based on the nodes relaying the messages: every relay node that receives a network packet that authenticates against a known network key that is not in message cache, that has a TTL ≥ 2 can be retransmitted with TTL = TTL - 1. Message caching is used to prevent relaying messages recently seen.
Communication is carried in the messages that may be up to 384 bytes long, when using Segmentation and Reassembly mechanism, but most of the messages fit in one segment, that is 11 bytes. Each message starts with an opcode, which may be a single byte, 2 bytes, or 3 bytes.
Every message has a source and a destination address, determining which devices process messages. Devices publish messages to destinations which can be single things / groups of things / everything.
Each message has a sequence number that protects the network against replay attacks.
Each message is encrypted and authenticated. Two keys are used to secure messages: network keys – allocated to a single mesh network, application keys – specific for a given application functionality, e.g. turning the light on vs reconfiguring the light.
Messages have a time to live. Each time message is received and retransmitted, TTL is decremented which limits the number of "hops", eliminating endless loops.
Bluetooth Mesh has a layered architecture, with multiple layers as below.
LayerFunctionality
Model LayerIt defines a standard way to exchange application specific messages. For example, a Light Lightness Model defines an interoperable way to control lightness. There are mandatory models, called Foundation Models, defining states and messages needed to manage a mesh network.
Access LayerIt defines mechanism to ensure that data is transmitted and received in the right context of a model and its associated application keys.
Upper Transport LayerIt defines authenticated encryption of access layer packets using an application. It also defines some control messages to manage Friendship or to notify the behavior of node using Heartbeat messages.
Lower Transport LayerThis layer defines a reliable Segmented transmission upper layer packets, when a complete upper layer packet can't be carried in a single network layer packet. It also defines a mechanism to reassemble segments on the receiver.
Network LayerThis layer defines how transport packets are addressed over network to one or more nodes. It defines relay functionality for forwarding messages by a relay node to extended the range. It handles the network layer authenticated encryption using network key.
Bearer LayerIt defines how the network packets are exchanged between nodes. Mesh Profile Specification defines BLE advert bearer and BLE GATT bearer. Mesh Profile defines Proxy Protocol, through which mesh packets can be exchanged via other bearers like TCP/IP.

Theoretical limits

The practical limits of Bluetooth Mesh technology are unknown. Some limits that are built into the specification include:
Limit for a networkValueRemarks
Maximum number of nodes32 767The limit is 32768 addresses and while a node may occupy more than one address, the practical limit is most likely lower.
Maximum number of groups16 384
Number of virtual groups is 2128.
Maximum number of scenes65 535
Maximum number of subnets4 096
Maximum TTL127

Mesh models

As of version 1.0 of Bluetooth Mesh specification, the following standard models and model groups have been defined:

Foundation models

Foundation models have been defined in the core specification. Two of them are mandatory for all mesh nodes.
Provisioning is a process of installing the device into a network. It is a mandatory step to build a Bluetooth Mesh network.
In the provisioning process, a provisioner securely distributes a network key and a unique address space for a device. Provisioning protocol uses P256 Elliptic Curve Diffie-Hellman Key Exchange to create a temporary key to encrypt network key and other information. This provides security from a passive eavesdropper.
It also provides various authentication mechanisms to protect network information, from an active eavesdropper who uses man-in-the-middle attack, during provisioning process.
A key unique to a device known as "Device Key" is derived from elliptic curve shared secret on provisioner and device during the provisioning process. This device key is used by the provisioner to encrypt messages for that specific device.
Security of provisioning process has been analyzed in a paper presented during IEEE CNS 2018 conference.
The provisioning can be performed using a Bluetooth GATT connection or advertising using the specific bearer.

Terminology used in the Bluetooth Mesh Model and Mesh Profile specifications

Approved ("qualified") by Bluetooth SIG

Free and open-source software implementations

and open source software implementations include the following: