AES CCM encryption/decryption examples

Hi Nabil

If you are using Bluetooth then you don't need my example, you can just use the built in pairing mechanisms of the Bluetooth stack.

If you don't want to use passkey then you can revert to 'just works' pairing (providing encryption only, without authentication). This makes you vulnerable to attacks during the pairing phase, but if you make sure to pair in a safe location then you will have a secure connection afterwards.

If you enable the LE Secure Connections feature (introduced in Bluetooth 4.2) then you also get passive eavesdropping (sniffer) protection, but you don't get man in the middle protection unless you enable authentication.

Best regards

Thank you for your help.

In this answer : devzone.nordicsemi.com/.../

we can read that :

Just Works: STK generated on both sides, based on packets sent in plain text. No security against MITM attacks

If I'm working with SDK11 on S132 then the link is encrypted in the Heart Rate Sensor example ?

If I enable the LE Secure Connections it's impossible to sniff data ?

Hi Nabil

As explained in the case you link to the HRS example does not require encryption. Unless you request it from the central side the link will remain open.

With LESC it is not possible simply to sniff the data, that is correct, but you can still perform a man-in-the-middle attack.

Best regards