esp-now: How can I find out if a message is encrypted or not? #311

Open
kriegste opened this issue May 16, 2020 · 2 comments

@kriegste

My project switches devices on and off and is not necessarily logged onto a WiFi. So I thought esp-now is worth a try. For security reasons I need encryption so that no unauthorized sender can switch on/off my device. My understanding is that I need to register the possible receivers using

esp_now_add_peer(MAC1, ESP_NOW_ROLE_COMBO, CHANNEL, key, sizeof(key));

Now the problem is, I can still receive unencrypted messages, e.g. broadcast messages. And there is no way I can find out that they actually were unencrypted! So any attacker can easily forge messages that switch on and off my devices. How do I prevent that?

@kriegste

Ideally, there should be a flag in the receive callback, e.g.

static void ICACHE_FLASH_ATTR cbNowRecv(uint8_t *mac_addr, uint8_t *pdata, uint8_t len, bool encrypted) {
...
}

so we can decide whether we accept the message or not. This way we could still have unencrypted broadcast messages for other uses.

@RutgerOlsbergs

Has anything happened with this issue? Just noticed the same behaviour today and it's a major security concern.
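
An application-layer way to reject forged frames when the receive callback exposes no encryption flag, as an added example that is not part of this thread or of the SDK: every frame carries a counter and a MAC tag under a shared key, and the receiver drops anything that fails the check, whether or not the link layer encrypted it. The frame layout, the names `now_frame_seal` and `now_frame_check`, the choice of SipHash-2-4 as the MAC and the single-sender counter are assumptions of this example.

```c
#include <stdint.h>
#include <string.h>
#define ROTL(x, b) (((x) << (b)) | ((x) >> (64 - (b))))
#define SIPROUND do { \
    v0 += v1; v1 = ROTL(v1, 13); v1 ^= v0; v0 = ROTL(v0, 32); \
    v2 += v3; v3 = ROTL(v3, 16); v3 ^= v2; \
    v0 += v3; v3 = ROTL(v3, 21); v3 ^= v0; \
    v2 += v1; v1 = ROTL(v1, 17); v1 ^= v2; v2 = ROTL(v2, 32); } while (0)

/* SipHash-2-4: keyed 64-bit MAC, chosen here (assumption) because it is small. */
uint64_t siphash24(uint64_t k0, uint64_t k1, const uint8_t *in, size_t len) {
    uint64_t v0 = k0 ^ 0x736f6d6570736575ULL, v1 = k1 ^ 0x646f72616e646f6dULL;
    uint64_t v2 = k0 ^ 0x6c7967656e657261ULL, v3 = k1 ^ 0x7465646279746573ULL;
    uint64_t m = 0;
    for (size_t i = 0; i < len; i++) {
        m |= (uint64_t)in[i] << (8 * (i % 8));
        if (i % 8 == 7) { v3 ^= m; SIPROUND; SIPROUND; v0 ^= m; m = 0; }
    }
    m |= (uint64_t)len << 56;            /* last block: leftover bytes + length */
    v3 ^= m; SIPROUND; SIPROUND; v0 ^= m;
    v2 ^= 0xff; SIPROUND; SIPROUND; SIPROUND; SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

#define HDR 4  /* constructed layout: 4-byte LE counter | payload | 8-byte LE tag */
#define TAG 8
static uint32_t last_counter;            /* keep in flash/RTC memory on a real device */
/* Sender: writes counter, payload and tag to out; n must leave room for HDR + TAG. */
uint8_t now_frame_seal(uint8_t *out, uint32_t ctr, const uint8_t *msg, uint8_t n,
                       uint64_t k0, uint64_t k1) {
    for (int i = 0; i < HDR; i++) out[i] = (uint8_t)(ctr >> (8 * i));
    memcpy(out + HDR, msg, n);
    uint64_t tag = siphash24(k0, k1, out, (size_t)HDR + n);
    for (int i = 0; i < TAG; i++) out[HDR + n + i] = (uint8_t)(tag >> (8 * i));
    return (uint8_t)(HDR + n + TAG);
}

/* Receiver: call with pdata/len from the receive callback; payload length or -1. */
int now_frame_check(const uint8_t *frame, uint8_t len, uint64_t k0, uint64_t k1) {
    if (len < HDR + TAG) return -1;      /* too short to hold counter + tag */
    uint64_t got = 0, want = siphash24(k0, k1, frame, (size_t)len - TAG);
    for (int i = 0; i < TAG; i++) got |= (uint64_t)frame[len - TAG + i] << (8 * i);
    if (want != got) return -1;          /* forged or unauthenticated frame */
    uint32_t ctr = 0;
    for (int i = 0; i < HDR; i++) ctr |= (uint32_t)frame[i] << (8 * i);
    if (ctr <= last_counter) return -1;  /* replayed frame */
    last_counter = ctr;
    return len - HDR - TAG;
}
```

The payload starts at `frame + HDR`; a receiver with several senders would keep one counter per sender key rather than the single `last_counter` used here.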
