ESP32 IEEE802.11 payload encryption and decryption API
Hi,
I have developed a sample WiFi sniffer application using the ESP32 promiscuous mode functionality.
I am able to receive packets successfully. Now my query is: how can I check whether a received payload is encrypted or not?
Is it possible to decrypt packets received using the promiscuous mode receive callback function?
Thank you,
Ankit Siddhapura
Re: ESP32 IEEE802.11 payload encryption and decryption API
Hi
> Now my query is how can I check that received payload is encrypted or not?
Look at the MAC header -> Frame Control -> Protected Frame field.
However, this bit indicates only that the frame is encrypted; it carries no information about which type of encryption (WEP/WPA/WPA2) is used.
Question continued:
For example, I know the password/key of the current Wi-Fi network.
Does IDF have a function like wpa2_decrypt(*message, *wpa2_key) to decrypt a received frame?
Thank you
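Added example, not part of the original posts and not ESP-IDF code: a Python function for the Protected Frame check described above, run on constructed frames that start at Frame Control (assumed here to be how the promiscuous callback's payload is laid out). It goes one step beyond the bit itself: in a protected data frame, the ExtIV bit of the security header separates the 4-byte WEP IV from the 8-byte TKIP/CCMP header. All names and sample frames are made up for illustration.

```python
def classify_protection(frame: bytes) -> str:
    """Classify link-layer protection of a raw 802.11 MAC frame."""
    if len(frame) < 2:
        return "truncated"
    fc0, fc1 = frame[0], frame[1]          # Frame Control, little-endian on air
    ftype = (fc0 >> 2) & 0x3               # 0 = management, 1 = control, 2 = data
    subtype = (fc0 >> 4) & 0xF
    if not fc1 & 0x40:                     # Protected Frame bit (bit 14)
        return "clear"
    if ftype != 2:                         # only data frames are analysed further
        return "protected-non-data"
    hdr_len = 24                           # FC, duration, 3 addresses, seq control
    if (fc1 & 0x03) == 0x03:               # ToDS and FromDS set: Address 4 present
        hdr_len += 6
    if subtype & 0x8:                      # QoS data subtypes: 2-byte QoS Control
        hdr_len += 2
        if fc1 & 0x80:                     # +HTC/Order on QoS data: 4-byte HT Control
            hdr_len += 4
    if len(frame) < hdr_len + 4:
        return "truncated"
    key_id_octet = frame[hdr_len + 3]      # 4th octet of the security header
    # ExtIV set: 8-byte TKIP/CCMP (or GCMP) header; clear: 4-byte WEP IV.
    return "tkip-or-ccmp" if key_id_octet & 0x20 else "wep"


def make_header(fc0: int, fc1: int, extra: int = 0) -> bytes:
    """Constructed MAC header: zeroed duration, addresses and sequence control."""
    return bytes([fc0, fc1]) + bytes(22 + extra)


# Constructed sample frames (not from a real capture).
SAMPLES = {
    "beacon": make_header(0x80, 0x00) + bytes(12),
    "qos_data_ccmp": make_header(0x88, 0x41, 2)
                     + bytes([1, 0, 0, 0x20, 0, 0, 0, 0]) + bytes(16),
    "data_wep": make_header(0x08, 0x41) + bytes([0xAA, 0xBB, 0xCC, 0x00]) + bytes(16),
    "data_open": make_header(0x08, 0x01) + bytes(16),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:15s} {classify_protection(frame)}")
```

The ExtIV bit cannot tell TKIP from CCMP; that is negotiated in the RSN/WPA information elements of beacons and association frames.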
Re: ESP32 IEEE802.11 payload encryption and decryption API
Xarlan wrote: ↑Mon Dec 24, 2018 9:32 am
> Hi
> > Now my query is how can I check that received payload is encrypted or not?
> Look at the MAC header -> Frame Control -> Protected Frame field.
> However, this bit indicates only that the frame is encrypted; it carries no information about which type of encryption (WEP/WPA/WPA2) is used.
> Question continued:
> For example, I know the password/key of the current Wi-Fi network.
> Does IDF have a function like wpa2_decrypt(*message, *wpa2_key) to decrypt a received frame?
> Thank you
Hi,
I believe there should not be any function to decrypt messages at the stack level, for security reasons; I still need to confirm that with the Espressif Team.
Regards,
Ritesh Prajapati
Re: ESP32 IEEE802.11 payload encryption and decryption API
I don't know that much about WPA, but I wouldn't be surprised if it uses random ephemeral keys that are exchanged by something like Diffie-Hellman. In that case, the keys aren't really retrievable in any fashion if you don't have access to either the AP or the client.
Re: ESP32 IEEE802.11 payload encryption and decryption API
> I believe there should not be any function to decrypt messages at the stack level, for security reasons; I still need to confirm that with the Espressif Team.
I mean using this "magic function" (like wpa2_decrypt(*message, *wpa2_key)) to decrypt messages in my own Wi-Fi network.
For example, I have a device connected to my router via Wi-Fi and I would like to see which data is transferred between my device and my router.
Also, a question for the Espressif Team:
The section "Wi-Fi Sniffer Mode" https://docs.espressif.com/projects/esp ... /wifi.html
The driver doesn't support:
802.11 Control frame
802.11 error frame, such as the frame with a CRC error, etc.
But in esp-idf -> esp_wifi_types.h there are a lot of "WIFI_PROMIS_*" values to filter many different packet types (including Control frames, etc.).
Moreover, why can "esp_wifi_80211_tx" transmit only "beacon/probe request/probe response/action and non-QoS data frame"?
As I understand it, this is only a program/driver limitation. Is it possible to remove this limitation so that the ESP32 supports all types of frame and can transmit all types of frame?
For example, the CC3100/CC3200 http://processors.wiki.ti.com/index.php ... iver_Mode# can receive and transmit all 802.11 frames.
Thank you
Re: ESP32 IEEE802.11 payload encryption and decryption API
Xarlan wrote: ↑Fri Jan 04, 2019 6:24 pm
> > I believe there should not be any function to decrypt messages at the stack level, for security reasons; I still need to confirm that with the Espressif Team.
> I mean using this "magic function" (like wpa2_decrypt(*message, *wpa2_key)) to decrypt messages in my own Wi-Fi network.
> For example, I have a device connected to my router via Wi-Fi and I would like to see which data is transferred between my device and my router.
> Also, a question for the Espressif Team:
> The section "Wi-Fi Sniffer Mode" https://docs.espressif.com/projects/esp ... /wifi.html
> The driver doesn't support:
> 802.11 Control frame
> 802.11 error frame, such as the frame with a CRC error, etc.
> But in esp-idf -> esp_wifi_types.h there are a lot of "WIFI_PROMIS_*" values to filter many different packet types (including Control frames, etc.).
> Moreover, why can "esp_wifi_80211_tx" transmit only "beacon/probe request/probe response/action and non-QoS data frame"?
> As I understand it, this is only a program/driver limitation. Is it possible to remove this limitation so that the ESP32 supports all types of frame and can transmit all types of frame?
> For example, the CC3100/CC3200 http://processors.wiki.ti.com/index.php ... iver_Mode# can receive and transmit all 802.11 frames.
> Thank you
Thanks for the reply.
The Espressif Team can help with your query, and I believe they are providing this due to security reasons or something like that.
Regards,
Ritesh Prajapati
Re: ESP32 IEEE802.11 payload encryption and decryption API
Hi All,
The sniffer generates a key using the SSID and password for the given authentication mode. The same key can be generated online.
Using the same key, I have encrypted a packet using the ESP encrypt API and decrypted the packet with the same decrypt API of ESP-IDF.
I did this exercise long ago; I need to check the whole procedure once and confirm the output.
Regards,
Ankit Siddhapura
Re: ESP32 IEEE802.11 payload encryption and decryption API
Hi,
New to this forum.
I have the same question as the OP on this thread. It doesn't seem to have been fully answered.
Is it possible to programmatically decrypt packets that were encrypted using WPA Personal? Of course I have the wifi password.
I'm using an Adafruit Huzzah32 ESP32 board and Arduino IDE. My project is home automation with Sonos.
Cheers,
Geoff.
Re: ESP32 IEEE802.11 payload encryption and decryption API
geoff2802 wrote: ↑Tue Aug 17, 2021 8:09 am
> Hi,
> New to this forum.
> I have the same question as the OP on this thread. It doesn't seem to have been fully answered.
> Is it possible to programmatically decrypt packets that were encrypted using WPA Personal? Of course I have the wifi password.
> I'm using an Adafruit Huzzah32 ESP32 board and Arduino IDE. My project is home automation with Sonos.
> Cheers,
> Geoff.
Yes. If you have the certificates or keys, then it is possible to decrypt data which is encrypted with those keys or certificates.
Regards,
Ritesh Prajapati
Re: ESP32 IEEE802.11 payload encryption and decryption API
Note that in the case of WPA Personal, 1. it depends on you having sniffed the connection start as well (as the nonce that is used in the rest of the connection encryption is exchanged there) and 2. the implementation of this is left as an exercise to the reader (as in: there's not really any code for this in ESP-IDF or Arduino). Basically, unless you're willing to dive deep into the technical details of the protocol and our WiFi logic, I posit it's not practically possible at this moment.