How do I parse encrypted Bluetooth packets using the "ble-sniffer_win_1.0.1_1111_Sniffer" software?
Hi Jesse,
For the sniffer to decrypt a connection, it needs to know the LTK. So what you need to do is make sure that the sniffer has listened to the bonding process on the first connection between the two devices, so that it can get the key from the process.
This, however, only applies to legacy pairing. With LE Secure Connections it's not possible to sniff the key with a passive sniffer due to the higher level of security. The only way to sniff an encrypted connection is to use the debug key.
How can I use the debug key?
Hi Jesse,
It's the key defined by the Bluetooth spec (Core Bluetooth Specification v4.2 Vol.3, Part H, Section 2.3.5.6.1) so that the LTK can be predictable. But before that you would need to verify that your pairing is actually using LE Secure Connections.
Please use nRF Sniffer version 2 instead of version 1.0.1. On v1.0.1 the sniffer doesn't support LE Secure Connections.
https://www.nordicsemi.com/Software-and-Tools/Development-Tools/nRF-Sniffer/Download#infotabs
OK, thank you very much!