• State Not Answered
  • Replies 9 replies
  • Subscribers 87 subscribers
  • Views 4808 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 258746
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

How to implement the LESC for ble peripheral?

fox.tai

SDK version: SDK17.0.2

Product: nRF52840-DK

IDE: Segger

Role: ble peripheral

OS: non-os

Example: examples\ble_central_and_peripheral\experimental\ble_app_multirole_lesc\pca10056\s140

Softdevice: s140

Sniffer equipment: Ellisys

Hi,

  Recently, I would like to use the example ble_app_multirole_lesc as a template for ble peripheral, which runs on nrf52840. I expect it could perform the LESC to do pairing, bonding, and connect to the APP (Android or iPhone). Now I use the Android APP, nRF Connect or nRF Toolbox to connect nrf52840. Actually, I don't want to press button 1 to confirm the passkey, so I make a little change in this example as following:

(in main.c)

#define LESC_MITM_NC                    0

as for LESC_DEBUG_MODE, I've tested to set to 1 or 0.

When I tab the connect button in nRF Connect app, nrf52840 starts to bond, it prints the following message:

<info> app_timer: RTC: initialized.
<info> app: LE Secure Connections example started.
<info> app: Scanning
<info> app: Advertising
<info> app: PERIPHERAL: Connected, handle 1.
<info> app: PERIPHERAL: BLE_GAP_EVT_SEC_PARAMS_REQUEST
<info> app: PERIPHERAL: BLE_GAP_EVT_LESC_DHKEY_REQUEST
<info> nrf_ble_lesc: Calling sd_ble_gap_lesc_dhkey_reply on conn_handle: 1
<info> peer_manager_handler: Connection secured: role: Peripheral, conn_handle: 1, procedure: Bonding
<info> app: PERIPHERAL: BLE_GAP_EVT_AUTH_STATUS: status=0x0 bond=0x1 lv4: 0 kdist_own:0x3 kdist_peer:0x2
<info> peer_manager_handler: Peer data updated in flash: peer_id: 0, data_id: Bonding data, action: Update
<info> peer_manager_handler: Peer data updated in flash: peer_id: 0, data_id: Peer rank, action: Update
<info> peer_manager_handler: Peer data updated in flash: peer_id: 0, data_id: Local database, action: Update
<info> peer_manager_handler: Peer data updated in flash: peer_id: 0, data_id: Central address resolution, action: Update

Then I tab the "Read Characteristic" or "Enable CCCDs", nrf52840 starts to encrypt, it prints the following message:

B.T.W., I add some message to print the LTK (from p_enc_info->ltk[]) after calls sd_ble_gap_sec_info_reply() in sec_info_request_process()  in security_dispatcher.c.

<info> peer_manager_smd: [sec_info_request_process:372] GOT LTK p_enc_info->ltk[]
<info> peer_manager_smd: 5D BC 17 DD
<info> peer_manager_smd: D3 ED 67 45
<info> peer_manager_smd: 84 3D 3C DE
<info> peer_manager_smd: 40 95 CD A6
<info> peer_manager_handler: Connection secured: role: Peripheral, conn_handle: 1, procedure: Encryption
<info> peer_manager_handler: Peer data updated in flash: peer_id: 0, data_id: Peer rank, action: Update, no change

nRF connect app

Everything seemed to go well, but the LTK only successfully decrypt my sniffer packets at the 1st time. And I track the LLCP packets, it show the complete 5 packets as following:

(Actually, this picture is not the 1st time's sniffer packets, because I forgot to save its file... but I'm quite sure these packets are like that)

LLCP complete 5 packets

Their opcode are LL_ENC_REQ,  LL_ENC_RSPLL_START_ENC_REQ, LL_START_ENC_RSP, and  LL_START_ENC_RSP. And I use the LTK which I get from sec_info_request_process() , it can decrypt the packets.

But when I try to test again and again (refresh the code, unpair and delete bond), the LLCP packets didn't get the LL_START_ENC_RSP from central (nRF Connect), which means it only has 3 incomplete sequence as following:

LLCP_incomplete_3_packets

now I cannot decrypt the packets with the LTK. I guess the LTK may be wrong, so the central won't send the LL_START_ENC_RSP to nrf52840.  

Could you please tell me what can I do now?

 

Thanks,

Fox Tai

  • 0

    Hi

    1. Bonding and pairing are also encryption procedures, and I assume this is called "Encryption" just to ensure the user that it is still an encrypted link as well, as it can't be called "bonding" when the devices are already bonded.

    2. Yes, you will not have to disconnect and reconnect in order to be in an encrypted connection after bonding.

    3. Seeing as you're using LESC, you will have to use a debug-key which is standard for all connections, or add the LTK in Ellisys (see this paper). You can get this from the nRF by I.E. logging it from the nRF.

    Best regards,

    Simon

  • 0

    Hi Simon,

    Actually, I wonder where can I find the correct LTK in code, then I would print it out this LTK and fill into the Ellisys application to decrypt sniffer packets.

    Few days ago, I followed this article How can I find the long term key being currently used -peer manager to obtain LTK in function sec_info_request_process(). Because it said "read from flash in sec_info_request_process() with pdb_peer_data_ptr_get() when the device reconnect and re-encrypt", but in bonding procedure, no one called sec_info_request_process(), which means I didn't get the LTK.

    And I remind that article mentioned reconnect device and re-encrypt, program would read the LTK from flash, that's why I try to connect, disconnect, then connect to get the LTK. Now I get the LTK from peer_data.p_bonding_data->own_ltk.enc_info.ltk[] in function auth_status_success_process() after bonding, the first 16 bytes of this LTK is the same with in sec_info_request_process(), but it's weird that strlen size of peer_data.p_bonding_data->own_ltk.enc_info.ltk[] is 17 bytes, the last byte always 0x43. And I ignore the last byte and use the first 16 bytes to decrypt.

    Unfortunately, this LTK often cannot decrypt the sniffer packets. Maybe run 10 times, only 1 time can decrypt successfully. Every time I run the test, I would delete bond, and reflash the image of the Glucose application

    B.T.W., I also try to set LESC_DEBUG_MODE to 1 and 0. LTK usually cannot decrypt my sniffer packets. So I wonder where can I find the correct LTK in source code?

    Thanks,

    Fox Tai

  • 0 in reply to fox.tai

    Hi Simon,

    I found this article LESC_DEBUG_MODE define in ble_app_multirole_lesc, nRF5 SDK 15.0.0, it seems that marco LESC_DEBUG_MODE is not used after sdk 15.0? So debug key is still available in sdk 17.02? 

    Thansk,

    Fox Tai

  • 0

    Yes, by setting the LESC_DEBUG_MODE define to 1 you should enable the LESC debug keys and in turn use the sniffer to inspect traffic.

    Best regards,

    Simon

Related
Terms of service