AT+BLEENC diffrence between SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM

staibiii
Posts: 7
Joined: Mon Feb 28, 2022 12:16 pm

AT+BLEENC diffrence between SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM

Postby staibiii » Wed Mar 02, 2022 2:18 pm

Hello everybody,

I don't understand the diffrence between SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM. Can somebody please explane it to me?

ESP_Sun
Posts: 326
Joined: Thu Dec 30, 2021 9:52 am

Re: AT+BLEENC diffrence between SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM

Postby ESP_Sun » Fri Mar 04, 2022 5:38 am

Hi, you can take a look at the explanation of SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM in this file (https://github.com/espressif/esp-idf/bl ... _ble_api.h). In fact, MITM can be understood as requiring human participation in practice, such as entering a password and comparing the pairing code; if the default password is used for encryption and pairing (JUST WORK ) method, there is no way to prevent MITM attacks
企业微信截图_16463626306664.png
企业微信截图_16463626306664.png (33.57 KiB) Viewed 2565 times

staibiii
Posts: 7
Joined: Mon Feb 28, 2022 12:16 pm

Re: AT+BLEENC diffrence between SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM

Postby staibiii » Wed Mar 09, 2022 7:26 pm

Thank you for your help. Really appreciate that.

Who is online

Users browsing this forum: No registered users and 19 guests