Gazell & NRF 52840

I am trying to evaluate the NRF 52840 using the Gazell protocol.

I need some secured link between 2 devices with low latency, and authenticated (so no one can replace one of the devices, inject, etc.). But I also need communication in both directions, so with ACK payload. The encryption (hiding the data from a sniffer) is not mandatory, as long as the link doesn't allow an attacker to do injection, spoofing, etc.

I see that the Gazell protocol can encrypt, which I don't need, but I am not sure whether unencrypted data is authenticated when a device and a host are paired and communicating using unencrypted data?

If the Gazell protocol doesn't match, do you have any other secured (encryption is not mandatory) link that could be interesting?

Thanks for the clarification!

  • Yes, it's also what I found: only 1 pipe is encrypted, so it's not possible to have encrypted or at least authenticated communication in both directions.

  • I honestly don't understand, I can't imagine that it's encrypted only one way. 

    I assume you have a Gazell host that is receiving data and a Gazell device transmitting data; all communication should be done on pipe1, which is encrypted after Gazell pairing. The Gazell device is the one that needs to initiate all communication. The Gazell host can at any time prepare data to be sent on pipe1 back to the Gazell device, but the only way it can be sent from the host to the device is by the Gazell device transmitting a packet, which indirectly will then fetch the packet from the Gazell host.

    Kenneth

  • If you have a look at the gzp.h, you will see for the host the functions gzp_crypt_user_data_received and gzp_crypt_user_data_read. And for the device the function gzp_crypt_data_send. But there is no send function for the host, or attach_payload function.

  • Sorry, you are right. I was under the impression it was, but it's been a while since I worked on Gazell so my memory proved me wrong.

    The GZP API doesn't provide a specific high-level function for host-to-device encrypted data because it uses the underlying Gazell ACK mechanism. For encrypted host-to-device communication, you need to manually encrypt the ACK payload data before calling nrf_gzll_add_packet_to_tx_fifo() on the host. So maybe that can help.

    Kenneth
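
As an added example (not part of the thread and not Nordic SDK code): one way to authenticate a host-to-device ACK payload without encrypting it is to frame it as direction byte, counter, data and MAC before it is handed to nrf_gzll_add_packet_to_tx_fifo(). Assumptions: the names ack_seal/ack_open, the 32-byte payload limit, a 16-byte key both sides already share, and SipHash-2-4 standing in for a MAC such as AES-CMAC so the code runs without the SDK.

```c
#include <stdint.h>
#include <string.h>
/* Assumed limits: 32-byte payload, 1-byte direction + 4-byte counter, 8-byte tag. */
static const size_t MAX_PAYLOAD = 32, HDR = 5, TAG = 8;
#define ROTL(x, b) (((x) << (b)) | ((x) >> (64 - (b))))
#define SIPROUND do { \
    v0 += v1; v1 = ROTL(v1, 13); v1 ^= v0; v0 = ROTL(v0, 32); \
    v2 += v3; v3 = ROTL(v3, 16); v3 ^= v2; \
    v0 += v3; v3 = ROTL(v3, 21); v3 ^= v0; \
    v2 += v1; v1 = ROTL(v1, 17); v1 ^= v2; v2 = ROTL(v2, 32); } while (0)

static uint64_t le64(const uint8_t *p, size_t n) {   /* little-endian load, n <= 8 */
    uint64_t v = 0; while (n--) v = (v << 8) | p[n]; return v;
}

/* SipHash-2-4 keyed MAC (stand-in for AES-CMAC, chosen to keep this self-contained). */
uint64_t siphash24(const uint8_t key[16], const uint8_t *m, size_t len) {
    uint64_t k0 = le64(key, 8), k1 = le64(key + 8, 8), w;
    uint64_t v0 = k0 ^ 0x736f6d6570736575ULL, v1 = k1 ^ 0x646f72616e646f6dULL;
    uint64_t v2 = k0 ^ 0x6c7967656e657261ULL, v3 = k1 ^ 0x7465646279746573ULL;
    size_t i = 0;
    for (; i + 8 <= len; i += 8) { w = le64(m + i, 8); v3 ^= w; SIPROUND; SIPROUND; v0 ^= w; }
    w = ((uint64_t)len << 56) | le64(m + i, len - i);   /* tail bytes + length byte */
    v3 ^= w; SIPROUND; SIPROUND; v0 ^= w;
    v2 ^= 0xff; SIPROUND; SIPROUND; SIPROUND; SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

/* Build dir | counter | data | tag in out (32 bytes). Returns frame length, 0 if too long. */
size_t ack_seal(const uint8_t key[16], uint8_t dir, uint32_t ctr,
                const uint8_t *data, size_t len, uint8_t *out) {
    if (len > MAX_PAYLOAD - HDR - TAG) return 0;
    out[0] = dir;                                   /* binds the frame to one direction */
    for (size_t i = 0; i < 4; i++) out[1 + i] = (uint8_t)(ctr >> (8 * i));
    memcpy(out + HDR, data, len);
    uint64_t t = siphash24(key, out, HDR + len);    /* tag covers direction, counter, data */
    for (size_t i = 0; i < TAG; i++) out[HDR + len + i] = (uint8_t)(t >> (8 * i));
    return HDR + len + TAG;
}

/* Returns data length, or -1 on bad length, wrong direction, bad tag or replayed counter. */
int ack_open(const uint8_t key[16], uint8_t dir, uint32_t *last_ctr,
             const uint8_t *f, size_t flen, const uint8_t **data) {
    if (flen < HDR + TAG || flen > MAX_PAYLOAD || f[0] != dir) return -1;
    uint64_t diff = siphash24(key, f, flen - TAG) ^ le64(f + flen - TAG, 8);
    uint32_t ctr = (uint32_t)le64(f + 1, 4);
    if (diff != 0 || ctr <= *last_ctr) return -1;   /* forged, corrupted or replayed */
    *last_ctr = ctr; *data = f + HDR;
    return (int)(flen - HDR - TAG);
}
```

Each direction needs its own counter starting at 1, and the receiver's last accepted counter has to survive resets for the replay check to hold.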
