
Question about BLE encryption / sniffing

Hi, I use

nRF51822 Rev.3, SDK 7.2, SDK 10.0, S110 8.0, and S120 2.1 most of the time.

I mostly reuse code from the SDK's examples such as the HID keyboard or NUS.

I noticed that the advertising packets and the NUS data packets (after pairing is done) could be sniffed as plain text. (I use the nRF dongle and nRF Sniffer to check it.)

For instance, the nRF Sniffer showed the NUS packets from the peripheral.

So I was wondering if I can encrypt the packets using Nordic's SDK.

As far as I know, the nRF51822 has an AES ECB (Electronic Codebook mode encryption, a single 128-bit AES block encrypt hardware module).

How can I encrypt my data (NUS or HID packets) and advertising packets? I don't want these packets to be revealed as plain text by sniffers.

I'm hoping for a level of security

which can prevent MITM (Man-in-the-middle attack) and replay attack (playback attack).

Can this be achieved? I expect the answer might depend on whether I use bonding or pairing.

// Added at March, 9, 2016

Sniffer

I use the nRF Sniffer and Wireshark on Windows 10, 32 bit.

Wireshark

-Best Regards, Mango

  • FormerMember

    In the NUS example in the SDK, bonding is not implemented; the device manager which handles the encryption is not included in that project. Below is a version of ble_app_uart_c with bonding implemented. The example was made in SDK 10.0.0, and should be placed in the following folder: ..\nRF51_SDK_10.0.0_dc26b5e\examples\ble_central

    ble_app_uart_c_bonding.zip Note that the code has not been extensively tested, so there can be some bugs.

    Update 09.03.16: It is not possible to have security on advertising packets. If you want to use encryption, there will have to be a connection.

    With MITM bonding/pairing, the purpose is to avoid MITM attacks. With MITM bonding the devices will have to interact in some way, for example by entering a passkey code, in order for the encryption process to happen. By doing so, you will know that the correct devices are bonding.

    Note that if you use the sniffer during the encryption process, the sniffer will see the exchange of encryption keys, and therefore be able to follow the encrypted link. However, if the sniffer is not present during the encryption process, it will not be able to follow the encrypted link. If two devices are bonded, there will only be an exchange of encryption keys during their very first connection.

    ble_app_uart_c is the central example for the UART service.

    nRF51-ble-app-uart-static-passkey is a peripheral example for the UART service.

  • I lack too much knowledge about the encryption process.

    Can you recommend me a thread about the encryption process on the DevZone

    or sections from the Bluetooth Specification Version 4.x?

    I think I have to wrap up the question now and do some study.

    Thanks for your help.
