• State Verified Answer
  • Replies 4 replies
  • Subscribers 88 subscribers
  • Views 996 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 271307
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Failed to encrypt data for nus

irarykim

Hello,

I am developing a product using nRF52840 and BLE communication of my product uses NUS.

SD: s140_nRF52_v7.0.1

SDK: nRF5_v16.0.0

Recently, I want to encrypt data since I found all data is visible by sniffing.

I wish the packet data sniffed are not original text, but encrypted data.

So I added peer manager to my project by referring ble_app_hrs example in the SDK.

I also refered this blog: support-pairing-on-nus-profile-for-central-and-per

Here are some main changes I have made:

1. Add peer_manager_init() to ble nus initialization, and add pm_evt_handler(). Both of them are copied from ble_app_hrs example. Added related *.c files and includes, enabled related macros (PEER_MANAGER_ENABLED, FDS_ENABLED, NRF_FSTORAGE_ENABLED).

2. Delete sd_ble_gap_sec_params_replay() after case: BLE_GAP_EVT_SEC_PARAMS_REQUEST: .

3. Security Mode kept as open in gap_params_init():

  BLE_GAP_CONN_SEC_MODE_SET_OPEN(&sec_mode);

4. Change characteristic access security level:

For RX Characteristic:

For TX Characteristic:

After this, I connected my board to nRF Connect installed in my Android Phone.

I can send data to nRF Connect App, but all data is still visible by sniffing.

The result is the same when I use SEC_MITM instead of SEC_JUST_WORKS.

I think I missed quite a lot further work, can you tell me what are my mistakes?

Thank you.

Jason

Parents
  • +1

    Hi Jason

    In order to enable bonding with the UART service I would strongly suggest simply starting out with a BLE example that already uses bonding, and just replace the existing service with the NUS service. 

    Then all you have to do is remove one service and add another, rather than add all the files and configuration needed for bonding. 

    I expect the easiest example to use is the ble_app_hrs example, which sets up a single service with bonding enabled. 

    Please give this a go, and if you have any problems with it I will do my best to help out. 

    Best regards
    Torbjørn

Reply
  • +1

    Hi Jason

    In order to enable bonding with the UART service I would strongly suggest simply starting out with a BLE example that already uses bonding, and just replace the existing service with the NUS service. 

    Then all you have to do is remove one service and add another, rather than add all the files and configuration needed for bonding. 

    I expect the easiest example to use is the ble_app_hrs example, which sets up a single service with bonding enabled. 

    Please give this a go, and if you have any problems with it I will do my best to help out. 

    Best regards
    Torbjørn

Children
Related
Terms of service