Setting the WIFI in NaN mode for data monitoring

djixon
Posts: 113
Joined: Sun Oct 01, 2023 7:48 pm

Setting the WIFI in NaN mode for data monitoring

Postby djixon » Mon May 27, 2024 12:33 pm

Is there any working API (or it has to be written from the scratch) which allows this for WPA2 security level?

For example you have two of ESP32 devices (one as AP and second as STA) properly configured and connected over wifi lets call them PEERs. So, both MAC addresses are known, wifi channel is also known, SSID and WPA2 Password are also known.

Now you want to utilize third ESP32 device to monitor all communication in between those two PEERs. By configuring it in the NAN mode and filter just specific channel and specific MAC address allows capturing of all pcakets (management, control, data and misc packets). However, data packets are encrypted and only IEEE802.11 headers containing packet length and MAC addresses info can be extract from those data packets without decryption. Since the WPA2 security standard generates a pairwise temporal key (PTK) composed of WPA2 passphrase and some random numbers (nonces) generated by each peer on every new re-connection of the PEERs (yes, PTK changes with every new session) it means the NAN configured device has to be able to also generate such a PTK by knowing all of previously mentioned things and if it is started BEFORE the connection (re-connection) in between PEERs is established. Only that way it will have all required packets from the beginning (exchanged during handshake of the PEERs) which contain those nonces generated by each peer for that actual session. All previous known things with those nonces should be enough for NAN device to calculate PTK and use AES-CCMP algorithm to fully decrypt all data packets during an active session.

Is there an API or a working example for ESP-IDF 5.2 where ESP32 fully monitors (with decryption of data packets) communication in between two peers (of course providing proper MAC, channel, SSID and password)? (I do not want to use applications like wireshark which requires for all trafic to be logged and stored and later analyzed. I want the same behavior at runtime. Just by knowing all of mentioned things, ESP32 monitoring device should be able to have all decrypted data live)

liaifat85
Posts: 200
Joined: Wed Dec 06, 2023 2:46 pm

Re: Setting the WIFI in NaN mode for data monitoring

Postby liaifat85 » Mon May 27, 2024 2:55 pm

As far as I know,there isn't a ready-made API or example demonstrating your exact scenario in the ESP-IDF (Espressif IoT Development Framework).

Who is online

Users browsing this forum: No registered users and 294 guests