• State
  • Locked Locked
  • Replies 6 replies
  • Subscribers 52 subscribers
  • Views 1018 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

(CC2541)What does security enabled mean in sniffer package?

yixing zhou
Prodigy 130 points

Hi, everyone.

when I Capture a package with cc2540dongle, it has a field security enabled. But I really can see the l2cap thing. Why?

Packet index: 31
Length: 9
Raw data (hex): 52 BC 72 64 0D 00 33 04 B9
RSSI [dBm]: -46
CRC OK: 1

  • 0
    Genius 4470 points

    If the pairing is enabled and if the device are paired, then the encrypted data is transferred between connected device. And at that time 'Security Enabled' field shows 'Yes' and 'No' otherwise.

  • 0 in reply to Dhaval V
    Prodigy 130 points
    the device are paired, if it encrypted, and why sniffer can unencrypted the package? Sometimes, it capture some Decrypted Payload and Decrypted MIC. I am so confused.
  • 0 in reply to yixing zhou
    Genius 4470 points
    1. How you have make sure that it was paired?
    2. Packet sniffer can't decrypt the packets. You can change the permission from GATT_PERMIT_READ to GATT_PERMIT_AUTHEN_READ. So that it will make sure that no one can read without authentication.
  • 0 in reply to Dhaval V
    Prodigy 130 points

    Hi,Dhaval V

    1. I am sure that it was paired. Because it returned  GAPBOND_PAIRING_STATE_COMPLETE with a status SUCCESS. In addition, I can see they exchange key with sniffer.

    2.I want that attribution to be a control point, I set its permission GATT_PERMIT_AUTHEN_WRITE. But it doesn't work! it return INSUFFICIENT_AUTHEN.

    I am so confused. just help me!

  • 0 in reply to yixing zhou
    Genius 4470 points

    Hi,

    Please check that you have configured following parameters:

    GAPBOND_DEFAULT_PASSCODE = '000000';// Or some other value

    GAPBOND_PAIRING_MODE = GAPBOND_PAIRING_MODE_INITIATE;// Peripheral device initiates pairing

    GAPBOND_MITM_PROTECTION = TRUE; // MITM protection is enabled

    GAPBOND_IO_CAPABILITIES// Set IO capabilities as per your peripheral device

    GAPBOND_BONDING_ENABLED = TRUE; // Bonding is enabled

    Thanks,

    Dhaval

  • 0
    Prodigy 10 points

    Hello,

    I have the same exact question, with another example.

    Is there a way to attach the raw .psd file ?

    I encrypted the channel (the sniffer captured as expected Encryption Request + Start) and than made a Read_by_Group_Type on my server.

    In the screenshot it can be seen that the "Security Enabled" field shows Yes, but if you examine the raw packet details:

    Raw data (hex): 50 BC B1 37 02 0B 07 00 04 00 10 01 00 FF FF 00 28 6C D9 08

    You can see that there is no MIC:

    CRC: 6C D9 08

    payload: 10 01 00 FF FF 00 28

    L2CAP Lenght: 07

    Clearly, there are no data in between, or at least they are not shown from the MIC (also the length is 7, should be 0xA if there was a MIC).

    So once again, what does "security enabled = yes" imply?

    Also note that in the example posted by user4019607 there is a mismatch between the data and the packet shown (maybe missed a double click on the packet?).

    Thanks in advance and kind regards,

    Michele