nRF Sniffer for Bluetooth LE v4.1.x

Sniffing a connection between bonded devices

Use the nRF Sniffer for Bluetooth® to sniff an encrypted connection between bonded devices. If the nRF Sniffer has previously successfully sniffed the pairing procedure, it remembers the Long Term Key (LTK) needed to decrypt the connection. Otherwise, you must provide the LTK.

  1. Run the nRF Sniffer (if not already running).
  2. Select your device from the device list.
  3. Enter the LTK for the bond.
    • For connections that have an existing legacy bond, select Legacy LTK as input key and type the legacy LTK key in big-endian, hexadecimal format with a leading "0x" into the input field in Wireshark.
    • For connections that have an existing LE Secure Connections bond, select SC LTK as input key and type the LE Secure Connections LTK key in big-endian, hexadecimal format with a leading "0x" into the input field in Wireshark.
  4. Initiate encryption between the devices (pairing is not performed when a bond exists).
Parent topic: Common sniffing actions