This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

"Insufficient Encryption" when connecting with iOS App

Hi,

We have a firmware application using SDK 12.3 and Softdevice S132 V3.0.0 running on a nRF52 controller.The firmware is used pheriperial BLE device and provides a GATT server. In general, this works well with an Android application.

Some coleagues started with developement of an iOS application used as central device. As iOS dosen't provide a separate bonding command, the bonding is initialized by an access atempt to one of the encrytped characteristics. Somehow this works, because the communication succeeds after next reconnect. But immediately after pairing the iOS app returns an "Insufficient Encryption" error, when "reading" one of the characteristics.

That means firmware sends a notification for the specifc characteristic.

Is it possible that the notification is sent too early? With no encryption? Or with just a temporary key instead of bonding key?

Currently, we think the root cause is not in iOS / iOS-App. But where ever the cause is, can you give me any hints how I can trace this problem down?

Thanks!

0 Edvin over 7 years ago

Hello,

What device returns the "Insufficient Encryption"? error, the iPhone application, or on the nRF side when you get the read request?

Typically, phones will request encryption when they try to access a service that requires encryption, but you should not have to disconnect and connect again for this to take effect.

But where do you see the "insufficient Encryption" return?

Best regards,

Edvin
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Roman over 6 years ago in reply to Edvin

The iPhone returns "Insufficient Encyption".

But it is returned by the operating system and not the iPhone application.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Edvin over 6 years ago in reply to Roman

Hello,

I understand.

Just to get things straight:

You (the customer) requests encryption by writing to a protected characteristic, which then triggers an "Insufficient Encryption"?

What level of encryption does the characteristic require?

Does this happen if you try the ble_app_gls example?

Best Regards,

Edvin
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Roman over 6 years ago in reply to Edvin

Hi,

Yes, your right: The customer requests encryption by writing to a protected characteristic, which then triggers an "Insufficient Encryption".

Required encryption is: unauthenticated encryption (sequrity level 1 mode 2)

I think it is related to this post in iOS forum:

https://forums.developer.apple.com/thread/20585

They talk about a changed key calculation in firmware, but I don't know how I do that.

I can not test this with ble_app_gls example, because I don't have a related iOS app. The customers iOS app will not work with that example.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Edvin over 6 years ago in reply to Roman

They can try with the nRF Connect for iOS.

It would be interresting to see whether it works on the ble_app_gls example from SDK12.3.0, vs the ble_app_gls example from SDK15.0.0 on the same version of iOS.

Best regards,

Edvin
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel