
Wireshark and Encryption

I am using the sniffer with Wireshark to watch some data being passed by my central and peripheral. I started with the multilink central and peripheral examples. Unfortunately, Wireshark always tells me it can't decrypt the data because the MIC is bad. However, I don't want things to be encrypted now, so I have set the attributes to BLE_GAP_CONN_SEC_MODE_SET_OPEN(). I thought that would keep the data from being encrypted, but in Wireshark the last packet I can read properly is "LL Control PDU: LL_START_ENC_REQ". So things seem to be getting encrypted, but shouldn't setting my security to open prevent the connection from being encrypted?

In a related question, I saw another post that said I have to be sniffing before the connection is bonded, which I am doing, so even if it is encrypted, shouldn't I be able to sniff the packets?

  • It is possible to encrypt a connection even if there are no attributes requiring a security level to be accessed. It's hard to say for sure what's happening without a trace, but I guess one of the parties initiates security (perhaps due to an existing bond?) and that's what you're seeing. Try clearing any existing bonds if there are any.

    For the second part, the sniffer is able to decrypt connections when it sees the initial security setup (and you enter any keys, if applicable). I don't think it supports entering a long-term key to decrypt a secure connection encrypted with an LTK previously exchanged through bonding.
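The distinction the answer above draws, between a capture that contains the pairing exchange (the sniffer can follow the key setup) and one where the link goes straight to encryption with an LTK from an earlier bond (it cannot), can be checked directly from the link-layer PDUs. The following is an added example and not code from the original thread or from Nordic's sniffer; it walks a list of BLE data-channel PDUs (header plus payload, without access address and CRC) in capture order, looks for an SMP Pairing Request on L2CAP channel 0x0006 and for the LL_ENC_REQ / LL_START_ENC_REQ control PDUs, and reports which case you are in. The two sample captures, the builder helpers and the `Report`/`verdict` names are constructed for this example; the opcodes and field layouts are those of the Bluetooth Core specification.

```python
"""Added example: classify a sniffed BLE link-layer exchange by whether the
pairing that produced the session key was captured (sniffer can follow it)
or the link encrypted straight away with a bond LTK (sniffer cannot).
All sample PDUs below are constructed for this example."""

import struct
from dataclasses import dataclass, field
from typing import Optional

# Data-channel PDU header: LLID is the low two bits of byte 0, byte 1 is length.
LLID_L2CAP_START = 0b10
LLID_CONTROL = 0b11

# LL Control PDU opcodes (Bluetooth Core, Vol 6 Part B, section 2.4.2).
LL_ENC_REQ = 0x03
LL_ENC_RSP = 0x04
LL_START_ENC_REQ = 0x05
LL_START_ENC_RSP = 0x06

# The Security Manager Protocol uses the fixed L2CAP channel 0x0006.
SMP_CID = 0x0006
SMP_PAIRING_REQUEST = 0x01


@dataclass
class Report:
    pairing_seen: bool = False
    enc_req_index: Optional[int] = None
    start_enc_req_index: Optional[int] = None
    rand: Optional[int] = None
    ediv: Optional[int] = None
    events: list = field(default_factory=list)


def parse_pdu(pdu: bytes):
    """Split a data-channel PDU (header + payload) into (llid, payload)."""
    if len(pdu) < 2:
        raise ValueError("PDU shorter than its 2-byte header")
    llid = pdu[0] & 0x03
    length = pdu[1]
    payload = pdu[2:2 + length]
    if len(payload) != length:
        raise ValueError("payload truncated")
    return llid, payload


def analyse(pdus):
    """Walk PDUs in capture order, noting pairing and encryption-setup milestones."""
    r = Report()
    for i, pdu in enumerate(pdus):
        llid, payload = parse_pdu(pdu)
        if llid == LLID_CONTROL and payload:
            op = payload[0]
            if op == LL_ENC_REQ and r.enc_req_index is None:
                r.enc_req_index = i
                # LL_ENC_REQ layout: opcode, Rand[8], EDIV[2], SKDm[8], IVm[4]
                if len(payload) >= 11:
                    r.rand = int.from_bytes(payload[1:9], "little")
                    r.ediv = int.from_bytes(payload[9:11], "little")
                r.events.append((i, "LL_ENC_REQ"))
            elif op == LL_START_ENC_REQ and r.start_enc_req_index is None:
                r.start_enc_req_index = i
                r.events.append((i, "LL_START_ENC_REQ"))
                break  # from here on every payload is ciphertext plus a 4-byte MIC
        elif llid == LLID_L2CAP_START and len(payload) >= 5:
            _l2len, cid = struct.unpack_from("<HH", payload, 0)
            if cid == SMP_CID and payload[4] == SMP_PAIRING_REQUEST:
                r.pairing_seen = True
                r.events.append((i, "SMP Pairing Request"))
    return r


def verdict(r: Report) -> str:
    """Summarise what a sniffer can do with this capture."""
    if r.enc_req_index is None:
        return "plaintext"          # the link never started encryption
    if r.pairing_seen:
        return "pairing-captured"   # key setup was on the air (enter passkey/OOB if used)
    # Encryption started with no pairing in the capture: the LTK comes from an
    # earlier bonding session the sniffer did not see (non-zero Rand/EDIV = legacy LTK).
    return "bond-ltk-reuse"


def ctrl_pdu(opcode: int, body: bytes = b"") -> bytes:
    """Build an LL Control PDU (constructed sample; NESN/SN/MD bits left zero)."""
    payload = bytes([opcode]) + body
    return bytes([LLID_CONTROL, len(payload)]) + payload


def smp_pdu(code: int, body: bytes) -> bytes:
    """Build an L2CAP-start PDU carrying one SMP command (constructed sample)."""
    smp = bytes([code]) + body
    payload = struct.pack("<HH", len(smp), SMP_CID) + smp
    return bytes([LLID_L2CAP_START, len(payload)]) + payload


def enc_req_body(rand: int, ediv: int) -> bytes:
    """Rand[8] || EDIV[2] || SKDm[8] || IVm[4]; SKDm and IVm are placeholder bytes."""
    return rand.to_bytes(8, "little") + ediv.to_bytes(2, "little") + b"\x11" * 8 + b"\x22" * 4


# Constructed capture 1: pairing visible, then encryption with the STK (Rand/EDIV zero).
PAIRED_CAPTURE = [
    smp_pdu(SMP_PAIRING_REQUEST, b"\x03\x00\x01\x10\x01\x01"),
    ctrl_pdu(LL_ENC_REQ, enc_req_body(rand=0, ediv=0)),
    ctrl_pdu(LL_ENC_RSP, b"\x33" * 12),
    ctrl_pdu(LL_START_ENC_REQ),
]

# Constructed capture 2: an existing bond, so the link encrypts at once with the
# stored legacy LTK (non-zero Rand/EDIV) and no pairing is ever on the air.
BONDED_CAPTURE = [
    ctrl_pdu(LL_ENC_REQ, enc_req_body(rand=0x1122334455667788, ediv=0xABCD)),
    ctrl_pdu(LL_ENC_RSP, b"\x33" * 12),
    ctrl_pdu(LL_START_ENC_REQ),
]

if __name__ == "__main__":
    for name, cap in (("paired", PAIRED_CAPTURE), ("bonded", BONDED_CAPTURE)):
        rep = analyse(cap)
        print(name, verdict(rep), rep.events, hex(rep.ediv or 0))
```

If a real capture classifies as "bond-ltk-reuse", the sniffer was started after the bond was created, which matches the advice above to clear existing bonds and capture from the first pairing. One caveat the answer does not cover: even with the pairing captured, an LE Secure Connections pairing only yields the key to a sniffer if one side used the spec's debug key pair, since the LTK is derived from an ECDH exchange the sniffer cannot observe.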

  • I'm not exactly sure what I did to get this working, but it works now. I erased and reloaded both SoftDevices and both applications. I also quit out of Wireshark and the sniffer, and restarted them both. Now it seems to work.
