Query regarding Moddable nimble data encryption support

[jainilsshah]

I am using Moddable nimble in my one project. I have query regarding Moddable nimble data encryption support. I am using ESP32S3 as BLE server and android nrf connect application as BLE client.

Does moddable support AES 256?

I want to encrypt data communication happening between two devices. I have gone through the doc and found details on this page. https://www.moddable.com/documentation/network/ble/ble. I think below line is responsible for adding encryption support on BLE server on ESP32S3.

this.securityParameters = { encryption:true, mitm:true, bonding:true };

By using this line, I think all data communication between two devices is encrypted. So, anyone can not understand data even by sniffing packets over the air. Is this my understanding correct?

Or I need to encrypt and decrypt data at both the end (BLE server and BLE client). If this is the case, then I need encrypt and decrypt key at both the devices and need to perform encryption and decryption using corresponding keys. Is this correct? Please share details.

Please provide brief information/details regarding Moddable nimble security related parameters, encryption, authentication and secure connection.

Thanks.

[phoddie]

Hello, again.

When encryption is enabled, the data is indeed encrypted by the BLE layer.

But, this isn't a question about the Moddable SDK. The Moddable SDK provides a JavaScript API to use BLE through NimBLE. NimBLE implements the BLE connection. NumBLE is responsible for negotiating the encryption. The details of the communication are determined by the BLE specification.

[jainilsshah]

Thanks for the response.

So, just to enable encryption on ESP32S3 using nimble is achieved using below implementation. Correct? Please confirm.

So, question is - in nimble BLE Server running on ESP32S3, user don't need to do anything to add encryption support. Correct?

[phoddie]

Please see the documentation which states, in part:

BLE clients and servers use the securityParameters ...[to]... request link-layer security to protect data transferred between devices. ... Once the pairing process is complete, the connection and data transferred is encrypted.