K. Saravanan,L. Vijayanand,R. K. Negesh

DOI: https://doi.org/10.48550/arXiv.1203.4649

2012-03-21

Cryptography and Security

Abstract:As an interconnection technology, Bluetooth has to address all traditional security problems, well known from the distributed networks. Moreover, as Bluetooth networks are formed by the radio links, there are also additional security aspects whose impact is yet not well understood. In this paper, we propose a novel Man-In-The-Middle (MITM) attack against Bluetooth enabled mobile phone that support Simple Secure Pairing(SSP). From the literature it was proved that the SSP association models such as Numeric comparison, Just works and passkey Entry are not more secure. Here we propose the Out Of Band (OOB) channeling with enhanced security than the previous methods.

Dongkun Hou,Jie Zhang,Ka Lok Man

DOI: https://doi.org/10.1109/trustcom50675.2020.00224

2020-01-01

Abstract:Bluetooth wireless technology is widely deployed in consumer electronics such as mobile phones, headsets, medical wearables and so on. Security is a significant concern of users, since such devices collect and store personal data. Security schemes are provided in the Bluetooth Core Specification version 5.0, but they cannot resist the emerging side-channel attacks which can leak long-term secrets through physical manners. In this paper, the security of Bluetooth under side-channel attacks is studied. Specifically, we improved the security of Secure Simple Pairing (SSP) protocol in Bluetooth 5.0 by developing two leakage-resilient methods to resist side-channel attacks. The leakage-resilient SSP protocols are designed using exponent splitting and multiplicative mask leakage-resilient methods respectively to prevent the long-term secrets from being leaked to side-channel attackers. Prototypes of the new and original protocols are realized, and we simulate a set of experiences to evaluate and compare their performance. We find the increased computation cost of the new protocols is slight and acceptable.

chen kai,xu haiming,xu zhen,lin dongdai,liu yong

DOI: https://doi.org/10.3969/j.issn.0372-2112.2016.08.005

2016-01-01

Abstract:Bluetooth lowenergy( BLE) is designed for the devices with computational and power limitations. But it has been confirmed that Secure Simple Pairing( SSP) is vulnerable to the MITMattack. We identify the root causes of the problem : the pairing messages being tampered,and the vulnerability of the JW model. In this paper,we propose two hashbased SSP schemes for the devices in Mobile Cloud Computing( MCC). The proposed schemes enhance the SSP security with the help of MCC. Scheme I is applied into the devices which support the PE or OOB model. It uses the hash function to ensure the authenticity and integrity of the pairing messages. Scheme II is suitable for the devices which only support the JW model. It improves the security of the JW model through using the hash array. At the end of this paper,we examine the performance for the proposed schemes,and perform the security analysis to showthat they can provide the MITMprotection against the adversaries with different levels of power.

Sai Swaroop Madugula,Ruizhong Wei

DOI: https://doi.org/10.48550/arXiv.2101.09381

2021-01-23

Abstract:In this paper, we propose a simple enhancement for the passkey entry protocol in the authentication stage 1 of Secure Simple Pairing using preexisting cryptographic hash functions and random integer generation present in the protocol. The new protocol is more secure and efficient than previous known protocols. Our research mainly focuses on strengthening the passkey entry protocol and protecting the devices against passive eavesdropping and active Man-in-the-middle (MITM) attacks in both Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) and Bluetooth Low Energy (Bluetooth LE). This method can be used for any device which uses the passkey entry protocol.

Cryptography and Security

Ruixue Sun,Zhiguo Shi,Rongxing Lu,Jian Qiao,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/WCSP.2012.6542795

2012-01-01

Abstract:The 60 GHz ultra-high-speed Wireless Personal Area Network (WPAN) has received considerable attention in recent years. Information security, which ensures secure communication within the network, is of particular importance. In this paper, we propose an efficient lightweight key management scheme for 60 GHz WPAN, which deploys secure encryption algorithms and one-way hash function to achieve efficient key exchange and updating managements. Detailed security analysis has shown its security provisions. In addition, performance evaluation is also provided to demonstrate its efficiency in terms of session key distribution and group key updating.

Xiaoyu Ji,Chaohao Li,Xinyan Zhou,Juchuan Zhang,Yanmiao Zhang,Wenyuan Xu

DOI: https://doi.org/10.1145/3399432

2020-01-01

ACM Transactions on Internet of Things

Abstract:Nowadays, most Internet of Things devices in smart homes rely on radio frequency channels for communication, making them exposed to various attacks such as spoofing and eavesdropping attacks. Existing methods using encryption keys may be inapplicable on these resource-constrained devices that cannot afford the computationally expensive encryption operations. Thus, in this article, we design a key-free communication method for such devices in a smart home. In particular, we introduce the Home-limited Channel (HLC) that can be accessed only within a house yet inaccessible for outside-house attackers. Utilizing HLCs, we propose HlcAuth, a challenge-response mechanism to authenticate the communications between smart devices without keys. The advantages of HlcAuth are low cost, lightweight as well as key-free, and requiring no human intervention. According to the security analysis, HlcAuth can defeat replay attacks, message-forgery attacks, and man-in-the-middle (MiTM) attacks, among others. We further evaluate HlcAuth in four different physical scenarios, and results show that HlcAuth achieves 100% true positive rate (TPR) within 4.2m for in-house devices while 0% false positive rate (FPR) for outside attackers, i.e., guaranteeing a high-level usability and security for in-house communications. Finally, we implement HlcAuth in both single-room and multi-room scenarios.

Mingrui Ai,Kaiping Xue,Bo Luo,Lutong Chen,Nenghai Yu,Qibin Sun,Feng Wu

DOI: https://doi.org/10.1145/3548606.3560668

2022-01-01

Abstract:ABSTRACTBluetooth is a short-range wireless communication technology widely used by billions of personal computing, IoT, peripheral, and wearable devices. Bluetooth devices exchange commands and data, such as keyboard/mouse inputs, audio, and files, through a secure communication channel that is established through a pairing process. Due to the sensitivity of those commands and data, security mechanisms, such as encryption, authentication, and authorization, have been developed and adopted in the standards. Nevertheless, vulnerabilities continue to be discovered. In the literature, few successful attacks against the Bluetooth connection establishment stage have been reported. Many attacks simply assume that connections are already established or use a compromised agent, e.g, a malicious app or a careless user, to initialize the connection. We argue that such assumptions are strong and impractical. A stealthily established connection is a critical starting point for any practical attack against Bluetooth devices. In this paper, we demonstrate that the Bluetooth Specification contains a series of vulnerabilities that will enable an attacker to impersonate a Bluetooth device and successfully establish a connection with a victim device. The entire process does not require any involvement of the device owner/user or any malicious app on the victim device. The attacker could further escalate permissions by switching Bluetooth profiles to retrieve sensitive information from the victim device and inject arbitrary commands. We name our new attack as the Blacktooth Attack. To demonstrate the effectiveness and practicality of the Blacktooth attack, we evaluate it against 21 different Bluetooth devices with diverse manufacturers and operating systems, and all major Bluetooth versions. We show that the newly proposed attack is successful on all victim devices.

Jiska Classen,Matthias Hollick

DOI: https://doi.org/10.1145/3448300.3467822

2021-08-16

Abstract:Bluetooth pairing establishes trust on first use between two devices by creating a shared key. Similar to certificate warnings in TLS, the Bluetooth specification requires warning users upon issues with this key, because this can indicate ongoing Machine-in-the-Middle (MitM) attacks. This paper uncovers that none of the major Bluetooth stacks warns users, which violates the specification. Clear warnings would protect users from recently published and potential future security issues in Bluetooth authentication and encryption.

Cryptography and Security,Networking and Internet Architecture

Yue Zhang,Jian Weng,Rajib Dey,Yier Jin,Zhiqiang Lin,Xinwen Fu

DOI: https://doi.org/10.48550/arXiv.1908.10497

2019-09-11

Abstract:To defeat security threats such as man-in-the-middle (MITM) attacks, Bluetooth Low Energy (BLE) 4.2 and 5.x introduce the Secure Connections Only mode, under which a BLE device accepts only secure paring protocols including Passkey Entry and Numeric Comparison from an initiator, e.g., an Android mobile. However, the BLE specification does not explicitly require the Secure Connection Only mode of the initiator. Taking the Android's BLE programming framework for example, we found that it cannot enforce secure pairing, invalidating the security protection provided by the Secure Connection Only mode. The same problem applies to Apple iOS too. Specifically, we examine the life cycle of a BLE pairing process in Android and identify four severe design flaws. These design flaws can be exploited by attackers to perform downgrading attacks, forcing the BLE pairing protocols to run in the insecure mode without the users' awareness. To validate our findings, we selected and tested 18 popular BLE commercial products and our experimental results proved that downgrading attacks and MITM attacks were all possible to these products. All 3501 BLE apps from Androzoo are also subject to these attacks. For defense, we have designed and implemented a prototype of the Secure Connection Only mode on Android 8 through the Android Open Source Project (AOSP). We have reported the identified BLE pairing vulnerabilities to Bluetooth Special Interest Group (SIG), Google, Apple, Texas Instruments (TI) and all of them are actively addressing this issue. Google rated the reported security flaw a High Severity.

Cryptography and Security

Dennis Heinze,Jiska Classen,Felix Rohrbach

DOI: https://doi.org/10.1145/3395351.3399343

2020-05-15

Abstract:Device pairing in large Internet of Things (IoT) deployments is a challenge for device manufacturers and users. Bluetooth offers a comparably smooth trust on first use pairing experience. Bluetooth, though, is well-known for security flaws in the pairing process. In this paper, we analyze how Apple improves the security of Bluetooth pairing while still maintaining its usability and specification compliance. The proprietary protocol that resides on top of Bluetooth is called MagicPairing. It enables the user to pair a device once with Apple's ecosystem and then seamlessly use it with all their other Apple devices. We analyze both, the security properties provided by this protocol, as well as its implementations. In general, MagicPairing could be adapted by other IoT vendors to improve Bluetooth security. Even though the overall protocol is well-designed, we identified multiple vulnerabilities within Apple's implementations with over-the-air and in-process fuzzing.

Cryptography and Security,Networking and Internet Architecture

Jianliang Wu,Yuhong Nan,Vireshwar Kumar,Dave (Jing) Tian,Antonio Bianchi,Mathias Payer,Dongyan Xu

2020-01-01

Abstract:The Bluetooth Low Energy (BLE) protocol ubiquitously enables energy-efficient wireless communication among resource-constrained devices. To ease its adoption, BLE requires limited or no user interaction to establish a connection between two devices. Unfortunately, this simplicity is the root cause of several security issues. In this paper, we analyze the security of the BLE link-layer, focusing on the scenario in which two previously-connected devices reconnect. Based on a formal analysis of the reconnection procedure defined by the BLE specification, we highlight two critical security weaknesses in the specification. As a result, even a device implementing the BLE protocol correctly may be vulnerable to spoofing attacks. To demonstrate these design weaknesses, and further study their security implications, we develop BLE Spoofing Attacks (BLESA). These attacks enable an attacker to impersonate a BLE device and to provide spoofed data to another previously-paired device. BLESA can be easily carried out against some implementations of the BLE protocol, such as the one used in Linux. Additionally, for the BLE stack implementations used by Android and iOS, we found a logic bug enabling BLESA. We reported this security issue to the affected parties (Google and Apple), and they acknowledged our findings.

Zhaoyang Wang,Quan Gan,Hong Wen,Wenjing Hou,Huanhuan Song,Wenxin Lei

DOI: https://doi.org/10.1117/12.3009296

2023-01-01

Abstract:Wi-Fi is a widely used wireless local area network (WLAN) technology, and its security issues have always been a matter of concern. The counter with CBC-MAC protocol (CCMP) is a commonly employed security protocol for Wi-Fi. However, vulnerabilities in the 4-way handshake process can allow attackers to carry out man-in-the-middle (MitM) attacks. In a successful attack, the targeted station (STA) connects to a rogue access point (AP) established by the MitM, which can have severe consequences for Wi-Fi users. This paper focuses on MitM attacks in the context of WPA2, CCMP, and WLAN security. We analyze and implement a MitM attack scenario, and based on this scenario, we summarize the potential hazards resulting from a successful attack. Furthermore, we present solutions to help prevent falling victim to such attacks.

Mahyar TajDini,Volodymyr Sokolov,Volodymyr Buriachok

DOI: https://doi.org/10.48550/arXiv.1906.10878

2019-06-26

Cryptography and Security

Abstract:The article presents a method of organizing men-in-the-middle attack and penetration test on Bluetooth Low Energy devices and ZigBee packets using software define radio with sniffing and spoofing packets, capture and analysis techniques on wireless waves with the focus on Bluetooth. The paper contains the analysis of the latest scientific work in this area, provides a comparative analysis of SDRs and the rationale for the choice of hardware, gives the sequence of actions for collecting wireless data packets and data collection from ZigBee and BLE devices, and analyzes ways to improve captured wireless packet analysis techniques. For the study collected experimental setup, the results of which are analyzed in real time. The collected wireless data packets are compared with those sent. The result of the experiment shows the weaknesses of local wireless networks.

Muhammed Ali Yurdagul,Husrev Taha Sencar

DOI: https://doi.org/10.48550/arXiv.2103.16235

2021-03-30

Abstract:Bluetooth Low Energy (BLE) has become one of the most popular wireless communication protocols and is used in billions of smart devices. Despite several security features, the hardware and software limitations of these devices makes them vulnerable to man-in-the-middle (MITM) attacks. Due to the use of these devices in increasingly diverse and safety-critical applications, the capability to detect MITM attacks has become more critical. To address this challenge, we propose the use of the response time behavior of a BLE device observed in relation to select read and write operations and introduce an activeMITM attack detection system that identifies changes in response time. Our measurements on several BLE devices show that theirresponse time behavior exhibits very high regularity, making it a very reliable attack indicator that cannot be concealed by an attacker. Test results show that our system can very accurately and quickly detect MITM attacks while requiring a simple learning approach.

Cryptography and Security

Pei Cao,Chi Zhang,Xiang-Jun Lu,Hai-Ning Lu,Da-Wu Gu

DOI: https://doi.org/10.1007/s11390-022-1229-3

IF: 1.871

2023-01-01

Journal of Computer Science and Technology

Abstract:In the era of the Internet of Things, Bluetooth low energy (BLE/BTLE) plays an important role as a well-known wireless communication technology. While the security and privacy of BLE have been analyzed and fixed several times, the threat of side-channel attacks to BLE devices is still not well understood. In this work, we highlight a side-channel threat to the re-keying protocol of BLE. This protocol uses a fixed long term key for generating session keys, and the leakage of the long term key could render the encryption of all the following (and previous) connections useless. Our attack exploits the side-channel leakage of the re-keying protocol when it is implemented on embedded devices. In particular, we present successful correlation electromagnetic analysis and deep learning based profiled analysis that recover long term keys of BLE devices. We evaluate our attack on an ARM Cortex-M4 processor (Nordic Semiconductor nRF52840) running Nimble, a popular open-source BLE stack. Our results demonstrate that the long term key can be recovered within only a small amount of electromagnetic traces. Further, we summarize the features and limitations of our attack, and suggest a range of countermeasures to prevent it.

Athanasios Kalogiratos,Ioanna Kantzavelou

DOI: https://doi.org/10.48550/arXiv.2211.06451

2022-11-11

Cryptography and Security

Abstract:Bluetooth is a communication technology used to wirelessly exchange data between devices. In the last few years there have been found a great number of security vulnerabilities, and adversaries are taking advantage of them causing harm and significant loss. Numerous system security updates have been approved and installed in order to sort out security holes and bugs, and prevent attacks that could expose personal or other valuable information. But those updates are not sufficient and appropriate and new bugs keep showing up. In Bluetooth technology, pairing is identified as the step where most bugs are found and most attacks target this particular process part of Bluetooth. A new technology that has been proved bulletproof when it comes to security and the exchange of sensitive information is Blockchain. Blockchain technology is promising to be incorporated well in a network of smart devices, and secure an Internet of Things (IoT), where Bluetooth technology is being extensively used. This work presents a vulnerability discovered in Bluetooth pairing process, and proposes a Blockchain solution approach to secure pairing and mitigate this vulnerability. The paper first introduces the Bluetooth technology and delves into how Blockchain technology can be a solution to certain security problems. Then a solution approach shows how Blockchain can be integrated and implemented to ensure the required level of security. Certain attack incidents on Bluetooth vulnerable points are examined and discussion and conclusions give the extension of the security related problems.

Chien-Ming Chen,King-Hang Wang,Tsu-Yang Wu,Jeng-Shyang Pan,Hung-Min Sun

DOI: https://doi.org/10.1109/tifs.2013.2270106

IF: 7.231

2013-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The man-in-the-middle (MITM) attack is the major threat for handheld devices to agree on a session key in which they do not share any prior secret in advance, even if these devices are physically located in the same place. Apart from insecurely typing passwords into handheld devices or comparing long hexadecimal keys displayed on the devices' screens, many other human-verifiable protocols have been proposed in the literature to solve the problem. Unfortunately, most of these schemes are unscalable to more users. Even when there are only three entities attempting to agree on a session key, these protocols need to be rerun three times. In this paper, we present a bipartite and a tripartite authentication protocol using a temporary confidential channel. Besides, we further extend the system into a transitive authentication protocol that allows multiple handheld devices to establish a conference key securely and efficiently. In addition, we provide a formal proof to our protocol to demonstrate our scheme is indeed secure. We also implement the prototype of the system on a mobile phone with satisfying performance.

Cn Yang,Ht Teng,Ts Chen

2004-01-01

Abstract:Motivated by the reused unit key problem described in Bluetooth security white paper, we herein propose a method to modify the usage of the unit key, which is a common secret key established in Bluetooth pairing communication session. The reused problem causes the disclosure of confidential information due to the same unit key of other devices that has been authenticated or paired before. Bluetooth Security Expert Group (BSEG) recommends that using combination keys as link keys would be more appropriate than using unit keys for authentication and encryption. However, it is not a good choice for those devices with limited memory to store a lot of combination keys. Therefore, we propose a method based on one-way hash function to modify the usage of unit keys. It makes unit keys unique as well as combination keys in each pairing communication such that no malicious users are able to eavesdrop with the reused unit keys. Besides, no additional memory space will be required to store keys.

Daniele Antonioli,Nils Ole Tippenhauer,Kasper Rasmussen,Mathias Payer

DOI: https://doi.org/10.48550/arXiv.2009.11776

2021-11-08

Abstract:The Bluetooth standard specifies two transports: Bluetooth Classic (BT) for high-throughput wireless services and Bluetooth Low Energy (BLE) for very low-power scenarios. BT and BLE have dedicated pairing protocols and devices have to pair over BT and BLE to use both securely. In 2014, the Bluetooth standard (v4.2) addressed this usability issue by introducing Cross-Transport Key Derivation (CTKD). CTKD allows establishing BT and BLE pairing keys just by pairing over one of the two transports. While CTKD crosses the security boundary between BT and BLE, little is known about the internals of CTKD and its security implications. In this work, we present the first complete description of CTKD obtained by merging the scattered information from the Bluetooth standard with the results from our reverse-engineering experiments. Then, we perform a security evaluation of CTKD and uncover four cross-transport issues in its specification. We leverage these issues to design four standard-compliant attacks on CTKD enabling new ways to exploit Bluetooth (e.g., exploiting BT and BLE by targeting only one of the two). Our attacks work even if the strongest security mechanism for BT and BLE are in place, including Numeric Comparison and Secure Connections. They allow to impersonate, man-in-the-middle, and establish unintended sessions with arbitrary devices. We refer to our attacks as BLUR attacks, as they blur the security boundary between BT and BLE. We provide a low-cost implementation of the BLUR attacks and we successfully evaluate them on 14 devices with 16 unique Bluetooth chips from popular vendors. We discuss the attacks' root causes and present effective countermeasures to fix them. We disclosed our findings and countermeasures to the Bluetooth SIG in May 2020 (CVE-2020-15802), and we reported additional unmitigated issues in May 2021.

Cryptography and Security

Paul Staat,Kai Jansen,Christian Zenger,Harald Elders-Boll,Christof Paar

DOI: https://doi.org/10.48550/arXiv.2202.06554

2022-04-04

Abstract:Today, we use smartphones as multi-purpose devices that communicate with their environment to implement context-aware services, including asset tracking, indoor localization, contact tracing, or access control. As a de-facto standard, Bluetooth is available in virtually every smartphone to provide short-range wireless communication. Importantly, many Bluetooth-driven applications such as Phone as a Key (PaaK) for vehicles and buildings require proximity of legitimate devices, which must be protected against unauthorized access. In earlier access control systems, attackers were able to violate proximity-verification through relay station attacks. However, the vulnerability of Bluetooth against such attacks was yet unclear as existing relay attack strategies are not applicable or can be defeated through wireless distance measurement. In this paper, we design and implement an analog physical-layer relay attack based on low-cost off-the-shelf radio hardware to simultaneously increase the wireless communication range and manipulate distance measurements. Using our setup, we successfully demonstrate relay attacks against Bluetooth-based access control of a car and a smart lock. Further, we show that our attack can arbitrarily manipulate Multi-Carrier Phase-based Ranging (MCPR) while relaying signals over 90 m.

Cryptography and Security