Page 1 of 1

BLE Characteristic Encryption

Posted: Fri Feb 08, 2019 8:55 am
by sankharay
Hi,

we are trying to encrypt BLE characteristic in esp32 platform which works like a peripheral.
Passing ESP_GATT_PERM_READ_ENCRYPTED | ESP_GATT_PERM_WRITE_ENCRYPTED in esp_ble_gatts_add_char.
Before this Pairing and bonding is happening.
How to test that characteristic data is getting encrypted?
Please let us know the way to check this.

Re: BLE Characteristic Encryption

Posted: Tue Feb 12, 2019 9:00 am
by chegewara
Hi,
when you are using ESP_GATT_PERM_READ_ENCRYPTED | ESP_GATT_PERM_WRITE_ENCRYPTED flags in characteristics permissions then, as you could see, at least pairing needs to be performed. In case encrypted connection cant be established you will be disconnected with GATT_INSUF_AUTHENTICATION error.

Remember to protect descriptors with ESP_GATT_PERM_READ_ENCRYPTED | ESP_GATT_PERM_WRITE_ENCRYPTED too.
ESP_GATT_PERM_READ_ENCRYPTED | ESP_GATT_PERM_WRITE_ENCRYPTED does not protect against MITM attack.