• State Not Answered
  • Replies 1 reply
  • Subscribers 73 subscribers
  • Views 336 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 255792
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

sniffer does not decrypt packets after pairing

ordit

I have burned the new fw 3.0. I am running the wireshark perform pairing and I can't see the packet content after encryption is started.

on previous fw 2.0 I could see only packets which are max 27 bytes (DLE packets was not decrypted correctly) 

all I see is  "Encrypted packet decrypted incorrectly"

your help is greatly appreciated

  • 0

    Hello,

    I can't see the packet content after encryption is started.
    DLE packets was not decrypted correctly

    By this, do you mean that you do in fact see the packets - but not their contents? The message "packet was not decrypted correctly(bad MIC)" is most commonly caused by the sniffer not having the private keys for the connection, so it can not decrypt the packages it intercepts.
    To ensure that the sniffer gets the keys, it will need to be sniffing for the particular device at the time of pairing / bonding.
    I.e you will need to select your device from the device menu ( shown in the included picture ) before going into the secure connection. This will let the sniffer acquire the keys, and follow into the connection.
    In the case that your devices are already bonded ( the keys are stored on the devices ) then you will need to delete the bonds before pairing / bonding again, to ensure that the sniffer is present during the key exchange.
    Please try this and let me know if this lets you see the packets' content.

    Additionally, out of curiosity, could you tell me which device you are pairing your nRF52840 with? Is it a iOS / Android smartphone, or nRF Connect application for desktop?

    Best regards,
    Karl

Related
Terms of service