Getting the Android Link Key for Classic Decryption
Bluetooth devices on an encrypted link share a common “link key” used to exchange encrypted data. For a Bluetooth sniffer, such as the ComProbe BPA 600, to be able to decrypt the encrypted data, it must also have this shared link key. For obvious security reasons, the link key is never sent over the air, so either the user must get the key out of one of the devices being sniffed and supply the key to the sniffer or the sniffer must create the key itself.
Bluetooth devices using the Android operating system have a "developer" option that will provide the link key for Classic Bluetooth decryption. This procedure will use the developer options to obtain the Android HCI (Host Controller Interface) log that contains the link keys for all active links..