"Encrypted packet decrypted incorrectly (bad MIC)" - how to get LTK

Hi,

I am trying to sniff between my phone and a BLE device.

When I put the device in pairing mode, I can see it in the "advertising" list. Then I select it (but I don't know if I should select anything from the "legacy passkey", "legacy ltk", "follow le address") 

I can see packets from/to that device.

Then I make the pairing on my phone (no PIN is required)

But then I can't get any data , all is encrypted and all I see is "empty PDU" or "Encrypted packet decrypted incorrectly (bad MIC)"

What is the correct method ?

As far as aI remember from my past experiences, if I sniff within the pairing session , I should not need a LTK.

But if LTK will help, can you guide me how to get the LTK ?

Btw, if I do the pairing, I no longer see the device in "advertising" list. If I get the LTK and try to sniff after pairing, how do I filter that device ?

Parents Reply
  • thanks for your response. But I am not a professional and the terms you use  , I am not familiar with them.

    "if your devişce has no lesc" -> what is lesc , and how do I know if my device has lesc ?

    "then you can sniff LTK in pairing process" -> how can I do that ?

    "which sdk you use." -> I don't know. I have a laptop with Wireshark installed and 2 years ago I had installed extensions to sniff using nRF52840. I had followed official guides that time. But I'm not sure where the guide is now.

Children
Related