Page 1 of 1

AT+BLEENC diffrence between SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM

Posted: Wed Mar 02, 2022 2:18 pm
by staibiii
Hello everybody,

I don't understand the diffrence between SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM. Can somebody please explane it to me?

Re: AT+BLEENC diffrence between SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM

Posted: Fri Mar 04, 2022 5:38 am
by ESP_Sun
Hi, you can take a look at the explanation of SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM in this file (https://github.com/espressif/esp-idf/bl ... _ble_api.h). In fact, MITM can be understood as requiring human participation in practice, such as entering a password and comparing the pairing code; if the default password is used for encryption and pairing (JUST WORK ) method, there is no way to prevent MITM attacks
企业微信截图_16463626306664.png
企业微信截图_16463626306664.png (33.57 KiB) Viewed 2600 times

Re: AT+BLEENC diffrence between SEC_ENCRYPT and SEC_ENCRYPT_NO_MITM

Posted: Wed Mar 09, 2022 7:26 pm
by staibiii
Thank you for your help. Really appreciate that.