https://devzone.nordicsemi.com/f/nordic-q-a/82415/sniffing-with-the-nrf52840-dongleCan the nRF52840 dongle be used to sniff/record BLE communications even if the recorded packets cannot be decrypted, or can it only record packets when decryption is possible (have the required TK and pairing method)?en-USTelligent Community 13Tue, 07 Dec 2021 15:19:02 GMThttps://devzone.nordicsemi.com/thread/342420?ContentTypeID=1Tue, 07 Dec 2021 15:19:02 GMT137ad170-7792-4731-bb38-c0d22fbe4515:e9cbcc44-0a40-4e6e-a50e-3cdc696f23acKenneth<p>Honestly speaking I don&#39;t see that very useful, the nRF sniffer it used to sniff a connection during development,&nbsp;typically you will then use bonding method that can be decrypted or provide debug keys to decrypt the connection on the fly.</p> <p>Kenneth</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/342154?ContentTypeID=1Mon, 06 Dec 2021 16:13:56 GMT137ad170-7792-4731-bb38-c0d22fbe4515:2823e6a0-8798-440a-af7e-0794adfc4bddINShaikh<p>Thanks Kenneth.</p> <p>At DEFCON 27, Damien Cauquil demonstrated a method of inferring the channel hopping counter used. This enabled him to determine the sequence of channel hops, thus allowing him to sniff the BLE session. Sure, it wouldn&#39;t work if there were continuous changes made to the connection parameters, but else from that, there wasn&#39;t much of an issue. This was implemented on his BTLEJack.</p> <p>Has Nordic not yet been able to implement this or a similar technique to sniff a connection, or have I misunderstood something?</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/342099?ContentTypeID=1Mon, 06 Dec 2021 13:54:09 GMT137ad170-7792-4731-bb38-c0d22fbe4515:3b278aad-69a9-4538-adaf-49a15a925b7bKenneth<p>It&#39;s only really able to record packets when decryption is possible, the main reason is that the link will very likely change the connection parameters or hopping sequence, and without decryption the sniffer will not be able to receive the change.</p> <p>Kenneth</p><div style="clear:both;"></div>