Support for encryption?


Does the HereLink have anykind of a encryption on the link?

1 Like

Yes it does

Can you elaborate a bit more how and which methods?

This is just not quite enough as an answer for something important like this.
I would need to know if the units authenticate each other and which crypto features are used to secure the over the air link.

I do understand that this unit is still in beta and things can change, however the higher level principles are quite the same in any solution.

Why do you need encryption?

Actually we would prefer to have both authentication and encryption schemes on these units. Currently the most important reason is that some of our clients require encrypted link.

In close future (2020 July) the EU new regulation for specific category UA (typically professional type UA) indirectly require to have encrypted (and authenticated) link between the remote controller and the UA in higher risk operations. A higher risk operation can typically be a VLOS flight over sparsely populated area.

The combination of encryption and authentication will provide protection from most basic security/MITM/replay attacks, even tough those are highly unlikely to happen.

PS. In my opinion the encryption & authentication should be the default. Without no questions asked.

1 Like

it uses 128 bit aes-ctr as per the LTE spec no evidence of a successful hack yet.

Ist the encryption symmetric or asymetric?

1 Like


RSA256 is already braked and dangerous to use. So which encryption algorithms are used for asymetric and symmetric encryption? For asymetric key exchange there should be RSA, DH or some eliptic curve algorithms. For message encryption, there might be AES, ChaCha20 or others. What lengths of keys are used?

I would like to ask more about this topic.

Right now I have herelink with Beta2 installed, in this system, is there any kind of encryption in the communication? RSA256?

Thank you.

1 Like

Yes, 128

@Michael_Oborne @philip
It seems like the S1 SoC you are using does not have hardware acceleration for AES. AES in software is not feasible due to neccessarry processing and know how to do AES256 right.

So obviously you are not using AES256.

How does your encryption concept for the here link look like in detail?
Without this info, the here link is not an option for our clients.

I need an answer please. We need to know if we can still consider Herelink usefull in EU.

there herelink over the air uses aes, not rsa
it uses aes-128-ctr

Thank you for this information @Michael_Oborne. Does the encryption include all data on the link (video / control / telemetry)? And is the encryption active in both directions over the air (from drone to herelink as well as from herelink to drone)?

yes, all data over the link, and is 2 way. (initial pairing would be the exclusion here of course)

Thanks for the info!

Can I ask about the pairing? It reminded me of a WPS-type pushbutton join on routers of years past, which is now known to have some severe vulnerabilities. With the antennas on the air unit being labelled ‘WiFi’, this makes me wonder if the connection could be joined by a malicious actor while in use?

I hope I’m not coming off as accusatory - just trying to eliminate a potential concern. I’ve checked the FAQ’s, and it links to this post but does not seem to have details on the pairing process.


It is not Wi-Fi it is LTE

It just uses wifi antenna as they share frequency


Thank you , According to my little knowledge on AES encryption uses a 128bit key, how to change the value of this key? if it is defined by the manufacturer and he know the key then what is the use of the encryption !