blue6.pdf (185.61 kB)
Download fileAnalyzing the secure simple pairing in Bluetooth v4.0
journal contribution
posted on 2011-04-15, 13:57 authored by Raphael C.-W. Phan, Patrick MingardThis paper analyzes the security of Bluetooth v4.0’s Secure Simple Pairing
(SSP) protocol, for both the Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR)
and Bluetooth Low Energy (LE) operational modes. Bluetooth v4.0 is the latest version
of a wireless communication standard for low-speed and low-range data transfer among
devices in a human’s PAN. It allows increased network mobility among devices such
as headsets, PDAs, wireless keyboards and mice. A pairing process is initiated when
two devices desire to communicate, and this pairing needs to correctly authenticate
devices so that a secret link key is established for secure communication. What is
interesting is that device authentication relies on humans to communicate verification
information between devices via a human-aided out-of-band channel. Bluetooth v4.0’s
SSP protocol is designed to offer security against passive eavesdropping and man-inthe-
middle (MitM) attacks. We conduct the first known detailed analysis of SSP for all
its MitM-secure models. We highlight some issues related to exchange of public keys
and use of the passkey in its models and discuss how to treat them properly.
History
School
- Mechanical, Electrical and Manufacturing Engineering
Citation
PHAN, R.C.-W. and MINGARD, P., 2012. Analyzing the secure simple pairing in Bluetooth v4.0. Wireless Personal Communications, 64 (4), pp. 719-737.Publisher
© SpringerVersion
- AM (Accepted Manuscript)
Publication date
2012Notes
The original publication is available at www.springerlink.comISSN
0929-6212;1572-834XPublisher version
Language
- en