• State TI Thinks Resolved
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 54 subscribers
  • Views 495 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CCS/CC1350: CC1350 Packet sniffing and decryption of the encrypted packets.

namdev nayak
Intellectual 290 points
Part Number: CC1350

Tool/software: Code Composer Studio

I am workin on security under TI 15.4 stack. I want to validate whether the encrypted packets which are being sent to the collector using packet sniffer. 

My main role is to validate the encrypted packets by decrypting it by any means and comparing it with the actual data.

I have found aesccm and aesesb code in resource explorer.

1) i want to know whats the difference between two codes.

2) i want to use either of these two codes on CC1350 launchpad, how?

Thank you.

  • 0
    TI__Genius 12415 points
    do you want to decrypt the transmitted packets using the sniffer?
  • 0 in reply to Hector_r
    Intellectual 290 points
    Hi Hector,
    Sorry for the confusion. Yes I would like to decrypt the packets received on my rf_sniffer.

    Currently, I am trying to understand the data security of the TI 15.4 stack. Using rf_sniffer, I can see the encrypted data through wireshark. I want to decrypt this data using the key I have used in my code. i.e KEY_TABLE_DEFAULT_KEY

    I saw that there is an example code in resource explorer called aesccm. But this seems to be for CC26X2 or CC13X2 only. I am finding it difficult to run this example on my CC1350 launchpad.

    Please advise. My main intention is to decrypt the data packet. Thank you.
  • 0 in reply to namdev nayak
    TI__Genius 12415 points
    If you just want to decrypt the packet you can do this using wireshark with the packet sniffer.

    Make sure you have downloaded the latest version of the packet sniffer v1.6.0 (www.ti.com/.../PACKET-SNIFFER-2)
    and the correct version of wireshark (v2.6.x)

    after installing the Packet sniffer you can follow the instructions in the documentation(C:\Program Files (x86)\Texas Instruments\SmartRF Tools\SmartRF Packet Sniffer 2\docs\SmartRF_Packet_Sniffer_2_User_Guide.html) which explain how to enter the keys and addresses to decrypt the packets
  • 0 in reply to Hector_r
    Intellectual 290 points
    Hello Hector,

    1)I tried to do it, I understood how to enter the decryption key and set the static address as explained in the document but i am not able to see any values changing in the wireshark.

    2) when i tried to compare the decrypted data with my actual values i received in the collector, its not matching any of them.
    I would like to know if i should refer to any other documentation other than that?

    thank you in advance.
  • 0 in reply to namdev nayak
    TI__Genius 12415 points

    Are you able to see in wireshark the over the air packets that your devices are sending?

    If your wireshark is capturing packets you should see something like this image below

  • 0 in reply to Hector_r
    Intellectual 290 points

    Hello Hector,

    yes! I can see this in my window but where do i see the decrypted packets?

  • 0 in reply to namdev nayak
    TI__Genius 12415 points

    It looks like your wireshark is using the wrong dissector for parsing the packets. under protocol it should show TI 802.15.4GE and not IEEE 802.15.4 as it is showing in your capture.

    some of the things that you can take a look are:

    - make sure you are running the correct version of the packet sniffer 2

    - make sure you are running the correct version of wireshark

    - make sure the packet sniffer 2 plugins are installed correctly in your wireshark(see image below)

    Also, your issue seems similar to this other E2E thread https://e2e.ti.com/support/wireless-connectivity/sub-1-ghz/f/156/p/748170/2765398#2765398

    take a look at it and see if the same fix works for you