• State Not Answered
  • +1 person also asked this people also asked this
  • Replies 34 replies
  • Subscribers 70 subscribers
  • Views 19789 views
  • Users 0 members are here
Attachments (6) Download All
Nordic Case Info
  • Case ID: 226323
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

encryption and decryption of advertising data

Naralasetty Praneeth

Hii nordic;

I need to encrypt and decrypt my advertising data i.e;UUID,Major,Minor,etc.;  of my nrf52832

So it cannot be seen by third parties

my sdk version is 15.2 and softdevice is 132

Parents
  • 0

     I have been thinking some more on the solution I proposed in my previous reply and from a security perspective I think it would be better to include the nounce in the advertisement packet and then keep the counter values static, i.e. 0x0000 and 0x0001. 

    I am afraid that we do not have any example code that does this in our SDK out-of-the-box. You should be able to modify the existing code I have provided for the peripheral side, you would just have to modify it to place the nounce in the scan response packet as manufacturing specifc data. 

    On the central side you will have to add the handling of  the NRF_BLE_SCAN_EVT_SCAN_REQ_REPORT case in the scan_evt_handler() function that is set as the scan event handler function in scan_init() in main.c. There you will have to extract the nounce and then store both the nounce and the address of the sender. You will need this to determine which nounce that should be used to decrypt which advertisment message. 

    Best regards

    Bjørn

  • 0 in reply to bjorn-spockeli

    bjorn-spockeli:

    I think i had done the same that you told in the above code then also i am not getting the values 

    Please help me to write that code

  • 0 in reply to Naralasetty Praneeth

    You can start by modifying the BLE peripheral code so that the nounce that you generate is placed in the Scan response packet. This is done by populating the ble_advdata_t srdata struct in the ble_advertising_init_t init struct in advertising_init() in main.c

    /**@brief Function for initializing the Advertising functionality.
 */
static void advertising_init(void)
{
    ret_code_t             err_code;
    ble_advertising_init_t init;

    memset(&init, 0, sizeof(init));

    init.advdata.name_type               = BLE_ADVDATA_FULL_NAME;
    init.advdata.include_appearance      = true;
    init.advdata.flags                   = BLE_GAP_ADV_FLAGS_LE_ONLY_GENERAL_DISC_MODE;
    init.advdata.uuids_complete.uuid_cnt = sizeof(m_adv_uuids) / sizeof(m_adv_uuids[0]);
    init.advdata.uuids_complete.p_uuids  = m_adv_uuids;
    
    // Populate Scan Response Data struct
    ble_advdata_manuf_data_t sr_advdata;

    memset(&sr_advdata,0, sizeof(sr_advdata));
    sr_advdata.data.p_data = nounce;
    sr_advdata.data.size = sizeof(nounce);
    sr_advdata.company_identifier = 0x0059; // Nordic Semiconductor Company ID, should be replaced with own company ID. 

    init.srdata.p_manuf_specific_data = &sr_advdata;


    init.config.ble_adv_fast_enabled  = true;
    init.config.ble_adv_fast_interval = APP_ADV_INTERVAL;
    init.config.ble_adv_fast_timeout  = APP_ADV_DURATION;

    init.evt_handler = on_adv_evt;

    err_code = ble_advertising_init(&m_advertising, &init);
    APP_ERROR_CHECK(err_code);

    ble_advertising_conn_cfg_tag_set(&m_advertising, APP_BLE_CONN_CFG_TAG);
}

  • 0 in reply to bjorn-spockeli

    bjorn-spockeli:

    yes its done i had added nounce to the scan response.

    now what is the code that i should add in the central side i.e., Scanning side

    this code is for peripheral side usinf ble_app_proximity_beacon:

    encryption peripheral.rar

    decryption central.rar

    this is code i wrote using ble_app_uart_c example for decryption.Please check i am getting garbage values not getting the encrypted values

Reply Children
No Data
Related