ESP now encrypted communications

[mischmerz]

Weird phenomenon (ESP now) :

I am setting the kok for both units, and am using the keys for add_peer() as well as set_peer_key(). Roles are set properly. Problem is, it kinda works too well :D

a) Controller (no crypto configured) -> Slave (no crypto configured) : OK
b) Controller (valid crypto key) -> Slave (valid crypto key) : OK
c) Controller (invalid crypto key) -> Slave (valid crypto key) :FAIL
d) Controller(valid crypto key) -> Slave (no crypto configured) : FAIL

.. so far .. so good. BUT:

e) Controller (no crypto key configured) -> Slave (valid crypto key) :OK

Seems the controller accepts un-encrypted messages even if a kok has been configured and a crypto key has been set for the peer. This is obviously bad as it doesn't allow the slave to authenticate the controller. It seems to be impossible to determine if the controller used a valid key or no key at all.

Any ideas?

Michaela

[ramiws]

Is this will be ever fixed? is there work around ?

[jmzjmzjmz]

this seems like a pretty big security risk, no? what's stopping someone from flooding an esp now network on the broadcast address?

[ChuckMash]

Noticed this today.

An ESP8266 without encryption can successfully send ESP-NOW to an ESP8266 with encryption.
This does not appear to impact the ESP32 implementation.