Repairing the Bluetooth Pairing Protocol
نویسندگان
چکیده
We implement and demonstrate a passive attack on the Bluetooth authentication protocol used to connect two devices to each other. Using a protocol analyzer and a brute-force attack on the PIN, we recover the link key shared by two devices. With this secret we can then decrypt any encrypted traffic between the devices as well as, potentially, impersonate the devices to each other. We then implement an alternative pairing protocol that is more robust against passive attacks and against active man-in-the-middle attacks. The price of the added security offered by the new protocol is its use of asymmetric cryptography, traditionally considered infeasible on handheld devices. We show that an implementation based on elliptic curves is well within the possibility of a modern handphone and has negligible effects on speed and user experience.
منابع مشابه
Formal Analysis of Authentication in Bluetooth Device Pairing
Bluetooth is a popular standard for short-range wireless communications. Bluetooth device pairing enables two mobile devices to authenticate each other and establish a secure wireless connection. We present a formal analysis of authentication properties of Bluetooth device pairing. Using the ProVerif cryptographic protocol verifier, we first analyze the standard device pairing protocol specifie...
متن کاملOn Bluetooth Repairing: Key Agreement Based on Symmetric-Key Cryptography
Despite many good (secure) key agreement protocols based on publickey cryptography exist, secure associations between two wireless devices are often established using symmetric-key cryptography for cost reasons. The consequence is that common daily used security protocols such as Bluetooth pairing are insecure in the sense that an adversary can easily extract the main private key from the proto...
متن کاملAnalyzing the Secure Simple Pairing in Bluetooth v4.0
This paper analyzes the security of Bluetooth v4.0’s Secure Simple Pairing (SSP) protocol, for both the Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) and Bluetooth Low Energy (LE) operational modes. Bluetooth v4.0 is the latest version of a wireless communication standard for low-speed and low-range data transfer among devices in a human’s PAN. It allows increased network mobility among de...
متن کاملImproved Pairing Protocol for Bluetooth
The Bluetooth wireless technology realizes a low-cost shortrange wireless voiceand data-connection through radio propagation. Bluetooth also has a security architecture. In this paper, we focus on the key agreement protocol, which is the most critical part of this security architecture. Several security flaws have been identified within the Bluetooth protocols: an attacker can track users by mo...
متن کاملBluetooth Data Exchange Between Android Phones Without Pairing
In this paper we describe a novel method of exchanging data between Bluetooth smartphones on the Android platform without requiring pairing between devices. We discuss our approach of encoding and decoding data inside the UUIDs used by the Bluetooth Service Discovery Protocol (SDP). Future research remains to be done on the latency, bandwidth and compatibility of this approach, as well as the p...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005