Home/Support/Support Forum/How to encrypt/decrypt API frames sent over Bluetooth

How to encrypt/decrypt API frames sent over Bluetooth

0 votes
I am developing a React Native app (Javascript) that connects to an XBee3 over Bluetooth. I have successfully authenticated using SRP and now I need to send an AT Command request.

First: I assume that I encrypt the entire frame (including start byte and checksum). Is that correct?

Second: I have the Tx nonce value and I'm trying to understand the correct way to use it in the AES CTR mode encryptor. My current understanding is that it's a 16-length byte array where the first 12 bytes are the nonce and the remaining 4 bytes are the zero-padded integer, i.e.

Nonce (12 bytes) Counter (4 bytes)

3b cf 74 55 d4 37 27 6c 0e 13 ce 60 00 00 00 01

Is this correct?
asked Sep 3 in XBee3 DigiMesh by t3db0t New to the Community (1 point)

Please log in or register to answer this question.

2 Answers

0 votes
I am not sure where you are thinking that you need to use AES encryption on the BLE interface.

As for sample code, there is code in the Java Libraries.
answered Sep 3 by mvut Veteran of the Digi Community (14,715 points)
XBee3 Pro Manual, page 315: "Upon completion of M2 verification, the session key has been determined to be correct and the API service is unlocked and will allow additional API frames to be used. Content from this point will be encrypted using AES-256-CTR with the following parameters..."
That is on page 316.
0 votes
I verified that 1) is correct and 2) is also correct.
answered Sep 7 by t3db0t New to the Community (1 point)