https://devzone.nordicsemi.com/f/nordic-q-a/14713/encryption-of-application-codeHi, I wish to encrypt my application to protect my code. I&#39;ve tried running my hex file through openssl openssl enc -aes-128-ofb -nopad -nosalt -e -K XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -iv XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -in app_release.hex -outen-USTelligent Community 13Tue, 05 Jul 2016 12:19:22 GMThttps://devzone.nordicsemi.com/thread/56138?ContentTypeID=1Tue, 05 Jul 2016 12:19:22 GMT137ad170-7792-4731-bb38-c0d22fbe4515:be27e2ff-56ce-4c24-914e-20f5a374b2c6John<p>Interesting. I wasn&#39;t aware of that Android capability. I get why as a developer that would be really handy, but that sure is a security nightmare. As long as the attacker had that sniffer enabled when the devices paired, then yes I believe the encryption could be defeated.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/56137?ContentTypeID=1Fri, 01 Jul 2016 22:22:07 GMT137ad170-7792-4731-bb38-c0d22fbe4515:1d7c333d-2d1a-4ea9-9772-3ae349229a79babaly<p>It seems you forget about a trivial option on Android systems, a hacker can sniff his own Bluetooth traffic easily by enabling Bluetooth HCI Snoop Log and if your firmware is not encrypted it can be stolen during a firmware upgrade process. I think BLE security options don&#39;t help in this case but please correct me if I&#39;m wrong.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/56136?ContentTypeID=1Thu, 23 Jun 2016 16:01:46 GMT137ad170-7792-4731-bb38-c0d22fbe4515:8b0599c3-04a0-4c00-9d35-7dd46ef657d6mstrouse<p>Consider &quot;scrambling&quot; the binary before you generate your hex file. In doing what you are currently doing, you are scrambling the hex file header(s) and trailer(s). And after that, nothing can make sense of it.</p> <p>I agree with John tho ... look into BLE security options before you spend a lot more time on this.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/56135?ContentTypeID=1Thu, 23 Jun 2016 12:45:45 GMT137ad170-7792-4731-bb38-c0d22fbe4515:9a23f4e8-b41d-4529-90e3-573e8598b89cJohn<p>Then you should look at the BLE pairing and security options. The latest bootloader is set up to be able to share pairing information with your application firmware so you can preserve an encrypted connection between your devices when in bootloader mode. Scrambling the hex file is not going to work.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/56134?ContentTypeID=1Thu, 23 Jun 2016 12:43:23 GMT137ad170-7792-4731-bb38-c0d22fbe4515:6c7e18e1-622a-4118-ae86-794a947b3369lee<p>I wish to protect the algorithms in the application hex file on their way to the nrf52 during over the air updates. Not so worried about people reading our code back using a debugger as we&#39;ll be using read back protection.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/56133?ContentTypeID=1Thu, 23 Jun 2016 12:37:03 GMT137ad170-7792-4731-bb38-c0d22fbe4515:9297cc1a-adc0-45bd-aa2e-aa283d20c50aJohn<p>It is hardly surprising that scrambling your hex file results in a corrupted hex file. If you are looking to protect your application from being reverse engineered I&#39;d look at the read back protection features of the nRF52 instead.</p><div style="clear:both;"></div>