Data format 8 (Encrypted environmental)
Lifecycle: Proposal
This is a proposed encrypted data format which is not yet implemented in Ruuvi devices outside of a few proof-of-concept projects
The encryption uses nRF52-builtin AES128 encryption in Elctronic Codebook (ECB) mode. Data to be encrypted is temprature, humidity, pressure, voltage, TX power, measurement count and movement counts. The measurement sequence counter protects against replay attacks. All measurements where encrypted data and nonce are equal can be considred duplicates.
Data format has an unencrypted header, 16 bytes of AES-128 encrypted data, 1 byte nonce and 6 bytes long MAC address for iOS devices.
Offset | Allowed values | Description |
0 |
| Data format. |
1-2 |
| Temperature in 0.005 degrees. |
3-4 |
| Humidity (16bit unsigned) in 0.0025% (0-163.83% range, though realistically 0-100%). |
5-6 |
| Pressure (16bit unsigned) in 1 Pa units, with offset of -50 000 Pa. |
7-8 |
| Power info (11+5bit unsigned), first 11 bits is the battery voltage above 1.6V, in millivolts (1.6V to 3.646V range). Last 5 bits unsigned are the TX power above -40dBm, in 2dBm steps. (-40dBm to +20dBm range). |
9-10 |
| Movement counter (16 bit unsigned), incremented by motion detection interrupts from accelerometer |
11-12 |
| Measurement sequence number (16 bit unsigned), each time a measurement is taken, this is incremented by one, used for measurement de-duplication. Depending on the transmit interval, multiple packets with the same measurements can be sent, and there may be measurements that never were sent. |
13-16 |
| Reserved for future use. |
17 |
| CRC8, used to check for correct decryption. |
18-23 |
| 48bit MAC address. |
The encryption key is formed from 64-bit tag ID, 8 bit encryption nonce and a static password with length of 16 bytes by appending nonce to ID and XORing the 9 bytes with 9 first bytes of password
Invalid values
If a value cannot be determined for any reason, a special invalid value is sent. For unsigned values the invalid value is largest presentable number, for example 0xFFFF and for signed values the invalud value is smallest presentable number, for example 0x8000. Invalid values should be treated as NULL, NAN, NONE or similar by the parser.
Example
Data | Value |
Temperature | 24.58 C |
Humidity | 40.54 RH-% |
Pressure | 100453 Pa |
Battery | 2.765 V |
TX Power | +4 dBm |
Movement | 15 |
Measurement | 6353 |
Reserved | 0 |
Checksum | |
MAC | 0xAABBCCDDEEFF |
Keys | Binary |
ID | 0x0011223344556677 |
Password | 0x5275757669636f6d5275757669546167 "RuuvicomRuuviTag" |
Unencrypted binary:
DF | T | H | P | B+TX | C | M | R | CH | MAC |
08 | 1334 | 3F58 | C515 | 48E6 | 000F | 18D1 | 000000E0 | 1C | AABBCCDDEEDD |
Encryption key:
Component | Binary |
ID | 00 11 22 33 44 55 66 77 |
password | 52 75 75 76 69 63 6f 6d 52 75 75 76 69 54 61 67 |
Result | 52 64 57 45 2d 36 09 1a 52 75 75 76 69 54 61 67 |
Encrypted data: 0x43825B56324FE019C4BD4D6D3CECAC6E
Complete message:
DF | T | H | P | B+TX | C | M | R | CH | MAC |
08 | 4382 | 5B56 | 324F | E019 | C4BD | 4D6D | 3CECAC6E | 1C | AABBCCDDEEDD |
TODO: Test vectors
Last updated