Having trouble sending encrypted data

Anonymous
Not applicable

Hello, we are using the 4.2 BLE pioneer kits and when we connect two of them together using unauthenticated pairing with encryption, we can still see the data payload in plaintext using packet sniffing software. How can I ensure our data payload is encrypted after the initial connection process?

0 Likes
1 Solution
Anonymous
Not applicable

If you change the characteristics that you are reading/writing to to require encryption, then writing/reading without working encryption will cause an error event to occur and signify the encryption is not working. This will fire the CYBLE_GATT_ERR_INSUFFICIENT_ENCRYPTION event when not encrypted and a write/read is attempted.

You can also try initiating encryption/pairing when you connect to make sure it works on both ends.

The event CYBLE_EVT_GAP_ENCRYPT_CHANGE will occur if encryption changes during the connection.

You can use the functions: CyBle_AesEncrypt() and CyBle_AesCcmEncrypt() to encrypt information before sending as well.

0 Likes
Anonymous
Not applicable

I already know encryption isn't working, as I can see the data in plaintext. When I debug, it seems to go through all the proper steps; it just isn't sending the data encrypted. The AES encryption could work. Do you know when the key exchange takes place?

0 Likes
Anonymous
Not applicable

I understand that the encryption is not working, but setting the attributes to use encryption is to prevent unencrypted data transmission over the wireless channel.

I believe the encryption for the BLE connection is supposed to be automatic, otherwise if you are wanting to manually encrypt (to deal with the bug/issue you are running into), then you will want to look through the BLE API documentation for the various encryption and decryption routines, and read the documentation on it. (I haven't worked with it myself).

If you post the two sides of the connection to the forum here, we can take a look through your settings and see if there is a gotcha somewhere as well.

0 Likes
Anonymous
Not applicable

I really appreciate all the help! Our preferred method would be to use the encryption routines that are part of BLE 4.2 as that's the reason we chose to use 4.2. The two sides of the connection should be attached to my first post.

On Tue, Apr 24, 2018, 2:07 PM e.pratt_1639216 <community-manager@cypress.com>

0 Likes
Anonymous
Not applicable

It looks like you set 3 of the four GATT characteristics to encryption; you missed setting the UART TX to require encryption to be read from the peripheral (only the settings on the peripheral matter, I think). Try changing that setting to encrypted and see if that fixes the issue (see attached image).

0 Likes
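
The permission check the replies describe, as an added example that is not from the original posts or from Cypress's code: a host-side C model of an ATT server that answers with Insufficient Encryption (0x0F) for protected characteristics on an unencrypted link, plus an audit pass that flags the one left open. The table contents and every name other than "UART TX" are constructed for illustration.

```c
/* Added example: model of an ATT permission check; names are hypothetical, not the Cypress API. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ATT_OK                   0x00u
#define ATT_ERR_INSUFFICIENT_ENC 0x0Fu  /* ATT "Insufficient Encryption" */

typedef struct {
    const char *name;
    bool read_needs_enc;   /* read requires an encrypted link */
    bool write_needs_enc;  /* write requires an encrypted link */
} gatt_char_t;

/* Constructed table: three characteristics protected, "UART TX" readable in the clear. */
static const gatt_char_t gatt_db[] = {
    { "UART RX", true,  true },
    { "UART TX", false, true },
    { "Control", true,  true },
    { "Status",  true,  true },
};
#define GATT_DB_LEN (sizeof gatt_db / sizeof gatt_db[0])

/* Decision the server makes for each read (is_write = false) or write request. */
uint8_t att_check_access(const gatt_char_t *c, bool is_write, bool link_encrypted)
{
    bool needs_enc = is_write ? c->write_needs_enc : c->read_needs_enc;
    return (needs_enc && !link_encrypted) ? ATT_ERR_INSUFFICIENT_ENC : ATT_OK;
}

/* Audit: count characteristics still reachable while the link is unencrypted. */
size_t audit_plaintext_access(const gatt_char_t *db, size_t n, bool verbose)
{
    size_t open = 0;
    for (size_t i = 0; i < n; i++) {
        bool r = att_check_access(&db[i], false, false) == ATT_OK;
        bool w = att_check_access(&db[i], true, false) == ATT_OK;
        if (r || w) {
            open++;
            if (verbose)
                printf("%s: %s%s allowed without encryption\n", db[i].name,
                       r ? "read " : "", w ? "write " : "");
        }
    }
    return open;
}

int main(void) { return audit_plaintext_access(gatt_db, GATT_DB_LEN, true) == 1 ? 0 : 1; }
```

A result of zero from the audit means every access path is refused until the link is encrypted, so the client has to complete pairing before any payload moves.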