• State Not Answered
  • Replies 3 replies
  • Subscribers 68 subscribers
  • Views 2329 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 236134
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

nrf sniffer with BLE communication indicates bad MIC

Akram

Hi,

I use nrf sniffer to monitor BLE communication. After pairing with encryption, wireshark indicates Encrypted packet decrypted incorrectly (bad MIC).

I think there is no MIC data in BLE packet. Could you help to confirm and fix this issue?

Please also find the wireshark trace for your reference

Bad MIC.pcapng

Parents
  • 0

    Hello,

    If you are using LE secure connection (Diffie-Hellman) then it is not possible to decrypt the link. The only way would be if you can extract the LTK key from one of the peer devices. 

    So you would need to modify the application firmware running on the nRF52. From my understanding the easiest may be to call pm_peer_data_bonding_load() to fetch LTK, this can for instance be done after  PM_EVT_PEER_DATA_UPDATE_SUCCEEDED event, and then output this on UART and then insert this into the sniffer trace manually.

    Best regards,
    Kenneth

Reply
  • 0

    Hello,

    If you are using LE secure connection (Diffie-Hellman) then it is not possible to decrypt the link. The only way would be if you can extract the LTK key from one of the peer devices. 

    So you would need to modify the application firmware running on the nRF52. From my understanding the easiest may be to call pm_peer_data_bonding_load() to fetch LTK, this can for instance be done after  PM_EVT_PEER_DATA_UPDATE_SUCCEEDED event, and then output this on UART and then insert this into the sniffer trace manually.

    Best regards,
    Kenneth

Children
No Data
Related