1.1.1.5.1 Encrypted Advertising Data
To encrypt and decrypt sensitive data in BLE advertising, follow a structured process that ensures both security and interoperability between the Peripheral (Server) and Central (Client) devices. The Peripheral begins by preparing its advertising data, which includes only non-sensitive information such as the device name in plain text. This ensures that any device scanning for advertisements can easily identify the Peripheral without exposing confidential information. For sensitive data, the Peripheral generates local "Key Material," which consists of a Session Key and an Initialization Vector (IV), as specified in section 12.6, Encrypted Data Key Material, of the Bluetooth Core Specification Version 6.0, Vol 3, Part C. The Peripheral uses this Key Material with MW_MISC_EncryptAdvData() to encrypt the sensitive data, which is then appended to the advertising packet. The Peripheral uses BLE_GAP_SetAdvData() or BLE_GAP_SetExtAdvData() to broadcast the advertising data, which now contains both unencrypted and encrypted segments.
When the Central scans for advertising packets, it can immediately read and recognize only the unencrypted, non-sensitive data, such as the device name. The encrypted data remains unreadable to the Central until it obtains the necessary decryption keys. To access the encrypted data, the Central must first establish a connection with the Peripheral. Once connected, the Central enables the indication on the Client Characteristic Configuration Descriptor (CCCD) of the "Encrypted Data Key Material" characteristic (UUID: 0x2B88), as defined in section 12.6, Encrypted Data Key Material, of the Bluetooth Core Specification Version 6.0, Vol 3, Part C. This is accomplished using the GATTC_Write() function. After enabling the indication, the Central reads the Key Material (Session Key and IV) from the Peripheral by accessing the "Encrypted Data Key Material" attribute using GATTC_Read(). The Peripheral (Server) sends the Key Material (Session Key and IV) through GATTS_EncDataKeyMatlRsp() when it receives the GATTS_EVT_ENC_DATA_KEY_MATL_REQ event.
If the Peripheral updates the Key Material using GATTS_UpdateEncDataKeyMatl(), the Central will receive a GATTC_EVT_HV_INDICATE event, which provides the new Key Material. This mechanism ensures that the Central always has the latest encryption keys needed to decrypt sensitive data in future advertising packets. With the Session Key and IV obtained, the Central can now use MW_MISC_DecryptAdvData() to decrypt the encrypted portion of the advertising data and access the sensitive information. This process ensures that sensitive data is only accessible to authorized devices that have established a secure connection and obtained the necessary decryption keys.
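Before the Central decrypts anything, it has to locate the encrypted segment inside the received advertising data and confirm that the segment is long enough to be valid. The following is an added example, not Microchip code and not part of the stack API: the AD type values and the 5-octet Randomizer / 4-octet MIC layout are taken from the Bluetooth Assigned Numbers and Core Specification Supplement rather than from this page, and `ead_view_t` and `ead_split_adv()` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed from Bluetooth Assigned Numbers / Core Specification Supplement:
 * AD type 0x31 payload = Randomizer (5) | ciphertext | MIC (4). */
#define AD_TYPE_COMPLETE_NAME 0x09
#define AD_TYPE_ENCRYPTED     0x31
#define EAD_RANDOMIZER_LEN    5
#define EAD_MIC_LEN           4

typedef struct {               /* hypothetical type; pointers into adv[] */
    const uint8_t *name;       size_t name_len;
    const uint8_t *randomizer;
    const uint8_t *ciphertext; size_t ciphertext_len;
    const uint8_t *mic;
} ead_view_t;

/* Walk the length-type-value AD structures. Returns 0 on success, -1 if a
 * structure overruns the packet or the encrypted field has no ciphertext. */
int ead_split_adv(const uint8_t *adv, size_t adv_len, ead_view_t *out)
{
    size_t i = 0;
    *out = (ead_view_t){0};
    while (i < adv_len) {
        size_t len = adv[i];                    /* counts type + data */
        if (len == 0) break;                    /* padding: stop parsing */
        if (len > adv_len - i - 1) return -1;   /* would read past the packet */
        uint8_t type = adv[i + 1];
        const uint8_t *data = &adv[i + 2];
        size_t data_len = len - 1;
        if (type == AD_TYPE_COMPLETE_NAME) {
            out->name = data; out->name_len = data_len;
        } else if (type == AD_TYPE_ENCRYPTED) {
            if (data_len <= EAD_RANDOMIZER_LEN + EAD_MIC_LEN) return -1;
            out->randomizer = data;
            out->ciphertext = data + EAD_RANDOMIZER_LEN;
            out->ciphertext_len = data_len - EAD_RANDOMIZER_LEN - EAD_MIC_LEN;
            out->mic = data + data_len - EAD_MIC_LEN;
        }
        i += len + 1;
    }
    return 0;
}

/* Constructed sample: clear name "EAD", then placeholder (not real) ciphertext. */
static const uint8_t sample_adv[] = {
    0x04, 0x09, 'E', 'A', 'D',
    0x0C, 0x31, 0x01,0x02,0x03,0x04,0x05, 0xAA,0xBB, 0xC1,0xC2,0xC3,0xC4,
};
```

A packet that fails this check should be dropped before any decryption call. Whether the stack's decryption routine expects the whole encrypted field or its separate parts is not stated on this page.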
By following this approach, developers can implement a secure and efficient method for transmitting sensitive information in BLE advertising packets. The use of standardized characteristics and key formats, as outlined in the Bluetooth Core Specification, guarantees compatibility across devices and platforms. This method not only protects user privacy but also maintains the integrity of the data being transmitted. In summary, the process involves encrypting sensitive data with locally generated Key Material, broadcasting it alongside unencrypted data, and enabling secure key exchange and decryption through BLE connection procedures and characteristic operations.
