STM32WB-WBA Bluetooth® LE – Encrypted Advertising (EAD)

This message will disappear after all relevant tasks have been resolved.
Semantic MediaWiki
There are 1 incomplete or pending task to finish installation of Semantic MediaWiki. An administrator or user with sufficient rights can complete it. This should be done before adding new data to avoid inconsistencies.


1. STM32WB-WBA Encrypted Advertising

This feature - introduced in Bluetooth® 5.4 provides a standardized approach to the secure broadcasting of data in advertising packets.

It is possible to encrypt advertising data by encapsulating the normal advertising data within an Encrypted Advertising Data type (new AD type)
Because the encrypted advertising data nonce is changed whenever the private address is changed, the encrypted data before and after the change is also different.
This approach prevents the tracking of devices based solely on the private address and advertising data.

Only devices that have the key material can decrypt and authenticate messages and track the advertising device.

1.1. Principles

Encrypted Advertising Data (EAD) is a feature that adds the ability to encrypt advertising data.
Encrypted advertisement data can be received by any device but can only be decrypted and authenticated by devices that have previously shared the session key.
This feature allows encrypting the totality or just a sub-set of the payload on a given advertising packet by adding a new AD type called Encrypted Advertising Data (type 0x31) that encapsulates all the AD fields to be encrypted.

Encryption of "Encrypted Advertising Data" is based on an algorithm using the value of a new characteristic added to GAP service (or other service) and AES..(to complete) The characteristic: Encrypted Data Key Material is readable and indicatable by a device authenticated and authorized.

The peer device, receiving advertising reports containing AD type "Encrypted Advertising Data" is able to decode encrypted data using the previously read Encrypted Data Key Material.

Encrypted Data Key Material characteristic (UUID: 0x2B88) contains a 24-octet value which is made up of:

*session key: 16 bytes
*iv: 8 bytes
Bluetooth® Read Encrypted Data Key Material characteristic
Connectivity read charac.png


Bluetooth® Encrypted Data Key Material characteristic Indication
Connectivity charac indication.png


1.2. Transmission of encrypted data

A new AD type called Encrypted Data is defined to be used as a container for the data produced by encrypting the sequence of one or more AD types that need to be secured.

In addition to the data payload, the Encrypted Data AD structure’s data field contains a 40-bit Randomizer field and a 32-bit Message Integrity Check (MIC).

Below an example of advertising payload which contains 1 AD type (Local Name) that has been encrypted and encapsulated within the Encrypted Data AD type and one AD type (Flags) which is included unencrypted.

Bluetooth® Encrypted Data AD type
Connectivity encapsulated data.png



Info white.png Information
The Randomizer field contains a 5-octet random number generated per the requirements for random numbers stated in the Bluetooth Core Specification.

A new Randomizer value must be generated every time the payload value changes. The Randomizer value is used in formulating a nonce which the CCM algorithm requires.

1.3. Advertising data

At startup, Peer To Peer Server application starts Advertising.
Data advertised are composed as follows:

P2P Server Long Range Advertising packet
Description Length AD Type Value
Device Name 8 0x09 EADS_XX (XX: last byte of BD address)
Manufacturer Data 15 0xFF See table below
Flags 2 0x01 0x06
(GeneralDiscoverable, BrEdrNotSupported)


1.3.1. STM32WB

1.3.2. STM32WBA

Manufacturer data are encoded following STMicroelectronics BlueST SDK v2 as described below:

STMicroelectronics Manufacturer Advertising data
Byte Index 0 1 2-3 4 5 6 7 8 9 10-15
Function Length Manufacturer ID Company BlueST SDK Version Device ID Firmware ID Option 1 Option 2 Option 3 Device Address
Value 0x0F 0xFF 0x0030 STMicro 0x02 0x8B Nucleo-WBA 0x8F - p2p Server Long Range 0x00 0x00 0x00 0x08E12Axxxx


1.4. STM32WB EAD Central and Peripheral applications

Extended advertising is used to allow more data in adverting reports.
EAD Central acts as a Central device with the support of GATT Client Layer.

At reset, EAD Client application initialization:

  • Starts scanning to detect EAD Server application by filtering the Firmware ID of the STMicroelectronics Manufacturer advertising data
  • Stops Scanning once EAD server detected
  • Push SW3: Connects to the EAD Server to establish the connection.
  • Discovers GAP and GATT Services & Characteristics of the EAD server
  • Enable all GATT server notification characteristics
  • Starts pairing procedure
  • Performs ATT MTU exchange procedure
  • Reads "Encrypted Data Key Material" characteristic
  • Push SW2: Sends disconnection request
  • Push SW1: starts scanning. if Encrypted Advertising Data AD flag is present, decryption is requested and successed.

EAD Peripheral acts as a Peripheral device with the support of GATT Server Layer.

At reset, EAD Peripheral application starts one extended advertising set containing an encrypted field.

  • After disconnection, peripheral restarts advertising.
Example of flow diagram between STM32WB EAD Server & EAD Client
STM32WBA P2P Flow Diagram


1.5. STM32WBA EAD Central and Peripheral applications

Extended advertising is used to allow more data in adverting reports.
EAD Central acts as a Central device with the support of GATT Client Layer.
At reset, EAD Client application initialization:

  • Push B1: Starts scanning to detect EAD Server application by filtering the Firmware ID of the STMicroelectronics Manufacturer advertising data
  • Stops Scanning once EAD server is detected
  • Push B3: Connects to the EAD Server (founded device) to establish the connection.
  • Discovers GAP and GATT Services & Characteristics of the EAD server
  • Enable all GATT server notification characteristics
  • Performs ATT MTU exchange procedure
  • Starts pairing procedure
  • Reads "Encrypted Data Key Material" characteristic
  • Push B2: Sends disconnection request
  • Push B1: Starts scanning. if Encrypted Advertising Data AD flag is present, decryption is requested and successed.

EAD Peripheral acts as a Peripheral device with the support of GATT Server Layer.
At reset, EAD Peripheral application starts one extended advertising set containing an encrypted field which is not decrypted.

  • After disconnection, peripheral restarts advertising.
Example of flow diagram between STM32WBA EAD Server & EAD Client
STM32WBA P2P Flow Diagram


1.6. On-board buttons configuration

1.6.1. STM32WB

Button configuration for Bluetooth® Low Energy Long Range application on Nucleo-WBA55CG boards
Application Condition B1 Click B1 Long Press B2 Click B2 Long Press B3 Click B3 Long Press

Long Range Server

 		Idle - / - / - /
Connected Starts/Stops notification Change LE coded PHY Options
Long Range Client Idle Starts scan then connects / - / - /
Connected Starts/Stops write data Change LE coded PHY Options

1.6.2. STM32WBA

1.7. Collector applications compatibility

For STM32WB:
Both projects from STM32WB BLE_p2pServer_EAD_Ext and BLE_p2pClient_EAD_Ext are compatible.
...change name

For STM32WBA:
Both projects from STM32WB BLE_p2pServer_EAD_Ext and BLE_p2pClient_EAD_Ext are compatible.
...change name

1.8. Code example

A STM32WB EAD code example (peripheral and central) will be shared on STM32-Hotspot GitHub [1]

A STM32WBA EAD code example (peripheral and central) will be shared on STM32-Hotspot GitHub [2]

2. References

  1. STM32WBA Long Range code example
  2. STM32WBA Long Range code example
Retrieved from "https://wiki.st.com/stm32mcu/index.php?title=Connectivity:STM32WB-WBA_Encrypted_Advertising_(EAD)&oldid=53586"
No categories assignedEdit