In ESP32 there is a feature that you can encrypt data or messages using ESP-NOW technology developed by Espressif System. With this feature, we now transmit encrypted data from one ESP32 to another This communication protocol is running in low-power, secure and direct wireless to wireless communication that enables multiple ESP32 development board devices to communicate with each other without a router or a wifi access point. However, we will be going to demonstrate how we are going to transmit data from one ESP32 to another ESP32 with the help of ESP-NOW protocol to secure our data transmission to implement this method we will be utilizing CCMP and then correlating with the primary master key (PMK) and local master key (LMK).

What is ESP-NOW protocol?

ESP-NOW is a fast, connectionless communication technology featuring short packet transmission. ESP-NOW is excellent for smart lights, remote control devices, sensors, and other applications. ESP-NOW supports encrypted/unencrypted unicast communication and can be mixed with encrypted/unencrypted peer devices with a limited up-to 250bytes of payload, the sending callback feature can be set to notify the application layer of transmission success or failure. This protocol has also a limitation such as broadcast is not supported, and limited encrypted peers. This peer supports 10 encryption at most in a single station.

To establish a connection you need to initialize the ESP-NOW, you need to pair the ESP32 development first. However, these connection settings will stay regardless of whether any of the boards rebooted or restart, it will still transmit data continuously.

ESP-NOW Data Encryption using CCMP

CCMP Counter Mode Cipher Block Chaining Message Authentication Code Protocol (Counter Mode CBC-MAC Protocol) or CCM mode Protocol (CCMP) is a security protocol purposely developed and designed to use for Wireless LAN devices. However, the ESP-NOW protocol adopts this method to encrypt data and messages. CCMP uses a PMK (Primary Master Key) / LMK (Local Master Key) to encrypt the data that transmit & receive wirelessly. The PMK (Primary Master Key) is typically used to encrypt the LMK (Local Master Key) using an encryption standard AES-128 algorithm. However, the LMK (Local Master Keys) to encrypt the 802.11 Vendor Specific Action frame is defined for vendor-specific signaling. these type of keys has a size of 16bytes which is set to the code. The sender and receiver of both ESP32 boards should be programmed with the same Primary Master Key and Local Master Keys to intercommunicate successfully.

Setting up One-Way Encrypted Data Transmission with ESP-NOW

We will demonstrate how we going to send an encrypted message from the ESP32 Host to the ESP32 Client development board utilizing ESP-NOW protocol, In this method, we use a most straightforward configuration where ESP32 Host/Master is the sender and the ESP32 Client will be the receiver. You may also use the same approach to send encrypted data coming from the sensor attached to the ESP32 Development Board.

For this scenario, we will be going to generate a random number that holds two numbers from 0 to 100 and then count the variable that will represent the number of messages. The ESP32 Host/Master will transmit this data to the ESP32 Client. However, to encrypt the data we will set it’s first as the Primary Master Key using a function esp_now_set_pmk() then the Host/Master will be utilized as a receiver keep in mind that the MAC address requires to set as a peer at this moment, the LMK(local Master Key) is also set and configure by the Client keep also in mind that both Host/Master and Client are same PMK (Public Master Key) to communicate successfully, additionally, the LMK (Local Master Key) will be also the same. The ESP32 Client will transmit message/data to the ESP32 Host/Master via ESP-NOW Protocol.

Setting Up the IDE

For this testing we will use Arduino IDE to code our ESP32 board, to download the Arduino IDE follow this link, moreover, you need to install the ESP32 add-ons in Arduino IDE (Board Manager) before we can program the ESP32 development board. To install the ESP32 Add-ons see the below illustration.

Copy and Phase this URL  to your Arduino IDE Additional board manager URL  :

How to find/obtain the ESP32 Development Board MAC (Media Access Control) Address / MAC Address?

First thing first open your Arduino IDE and navigate to File > New to open a new sketch file, then copy the code below and save it.

Keep in mind that you selected the correct board at the board manager alongside your COM port before you flash or upload the code. Navigate to TOOLS > BOARD > ESP32 DEV MODULE. then TOOLS > PORT and choose the suitable communication port which is the esp32 board is connected.

To upload your code into our ESP32 development board, you need pressed the upload button at the IDE then pressed also the button at
at the corner of your ESP32 development board

ESP-NOW – Source Code for Sender

ESP-NOW – Source Code for Receiver

Downloads and Datasheets


How to ESP32 Encrypted Data Transmission / Send & Receive Data with ESP-NOW Protocol
Tagged on:                         

Leave a Reply

Your email address will not be published. Required fields are marked *