Lindell proposed that the PE protocol would leak password by eavesdropping attack on a legitimate conversation or an active attack on password-protected devices, which may cause MITM attacks. Much attention has been devoted to the SSP security in four association models along with a wide utilization in Bluetooth technology. Part two of our research will focus on the privacy issue of SSP in Bluetooth standard v5.0. We also investigate how to integrate the typical SSP applications into the HAE systems. We do not specially discuss the JW protocol, because the JW protocol is the same as the NC protocol except that it does not defeat MITM attacks. Some result of the PE protocol is presented directly. That is, we mainly focus on the security of the NC and OOB protocols. We formally address the security of the authenticated link key generated by SSP. This paper is part one, which focuses on the security of SSP and its HAE applications. The main goal of our research is to address the security and the privacy of SSP in Bluetooth standard v5.0. Actually, four association models form four different SSP protocols, i.e., the NC protocol, the OOB protocol, the PE protocol, and the JW protocol. SSP must use one of these association models to complete the pairing procedure. There are four association models of SSP depending on IO capabilities of devices, i.e., numeric comparison (NC), out of band (OOB), passkey entry (PE), and just works (JW). SSP can prevent passive eavesdropping and man-in-the-middle (MITM) attacks. Currently, Bluetooth standard v5.0 preferably supports secure simple pairing (SSP) to provide the function of pairing. Message integrity: Verifying that messages are not forged.įrom the technical perspective, pairing is the first and important step to ensure Bluetooth security, because the function of pairing is to establish a shared link key and the link key is the master key for other Bluetooth mechanisms. That is, pairing, bonding, device authentication, encryption, and message integrity. Hence, Bluetooth security is very important when the Bluetooth services process sensitive information in the HAE systems.Īccording to latest Bluetooth standard v5.0, it provides five different security features. However, the Bluetooth devices may leak confidential data and the adversary may monitor the Bluetooth channel during the communication procedure. In fact, how to integrate Bluetooth into the HAE environments has drawn a great deal of attention and become a hot topic in the research community. We see that Bluetooth always provides the private wireless connections and the confidential data transmissions among home appliances because the Bluetooth services maintain ubiquity, reliability, and interoperability. The idea of HAE emphasizes that multiple home appliances could be controlled by a single controller via a home network. Owing to the rapid development of the Internet of Things (IoT), the home automation and entertainment (HAE) systems simplify the controls of different home appliances and enhance their convenience, safety, and comfort via either wired or wireless communication. Our results are useful to not only evaluating and designing the SSP protocols but also enhancing the security of the HAE systems in which the Bluetooth access is available. (3) We discuss the typical SSP applications in the HAE systems. (2) We formally analyze two SSP protocols and present the security requirements for basic cryptographic modules in these SSP protocols. (1) A formal security model is proposed to evaluate SSP’s association models and authenticated link key. Hence, we investigate the SSP solution according to the Bluetooth standard v5.0. The Bluetooth standard mainly depends on the secure simple pairing (SSP) solution to protect the Bluetooth devices. The security concerns of the HAE systems are raised due to massive deployment of the Bluetooth devices. The home automation and entertainment (HAE) systems often make use of Bluetooth technology to link different Bluetooth devices and form Bluetooth networks. Bluetooth is an important technical standard for short-range and low-power wireless communication.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |