Two-party secure connection in Bluetooth-enabled devices

Gajbhiye, Samta; Karmakar, S.; Sharma, Manoj; Sharma, Sanjay

doi:10.1080/19393555.2018.1423714

Cited by 3 publications

(5 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this section, we analyze the security properties and the efficiency of the NC protocol and the OOB protocol in Bluetooth standard v5.0 by contrast to three related SSP protocols [ 12 , 13 , 23 ].…”

Section: Comparison Analysis Of Related Protocolsmentioning

confidence: 99%

“…The improved NC protocol proposed by Gajbhiye et al [ 12 ] uses the signature mechanism to confirm the pairing devices. The SSP protocol with delayed-encrypted IO (SSP-DEIO) proposed by Gajbhiye et al [ 13 ] delays the exchange of encrypted IO capability until Phase 2 to overcome from the problem of capturing the IO capability of the pairing devices. Table 4 shows the security comparison among our results and above three SSP protocols.…”

Section: Comparison Analysis Of Related Protocolsmentioning

confidence: 99%

“…3 XOR is only used in the improved NC protocol proposed by Yeh et al [ 23 ]. 4 Encrypted information/IO capability and other information are only used in the SSP protocol with delayed-encrypted IO (SSP-DEIO) proposed by Gajbhiye et al [ 13 ].…”

Section: Figurementioning

confidence: 99%

“…Albahar et al [ 11 ] enhanced the JW protocol to prevent MITM attacks by adding a question and answer phase to ask both Bluetooth devices about IO capabilities. Gajbhiye et al [ 12 , 13 ] overviewed security issues that may result in MITM attacks on Bluetooth devices and improved SSP with the delayed-encrypted input-output mechanism to defeat MITM attacks. In addition, they also gave the simulation and the security analysis of the NC protocol.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

On Secure Simple Pairing in Bluetooth Standard v5.0-Part I: Authenticated Link Key Security and Its Home Automation and Entertainment Applications

Sun

2019

Sensors

View full text Add to dashboard Cite

Bluetooth is an important technical standard for short-range and low-power wireless communication. The home automation and entertainment (HAE) systems often make use of Bluetooth technology to link different Bluetooth devices and form Bluetooth networks. The security concerns of the HAE systems are raised due to massive deployment of the Bluetooth devices. The Bluetooth standard mainly depends on the secure simple pairing (SSP) solution to protect the Bluetooth devices. Hence, we investigate the SSP solution according to the Bluetooth standard v5.0. The contributions are threefold. (1) A formal security model is proposed to evaluate SSP’s association models and authenticated link key. (2) We formally analyze two SSP protocols and present the security requirements for basic cryptographic modules in these SSP protocols. (3) We discuss the typical SSP applications in the HAE systems. Our results are useful to not only evaluating and designing the SSP protocols but also enhancing the security of the HAE systems in which the Bluetooth access is available.

show abstract

Section: Comparison Analysis Of Related Protocolsmentioning

confidence: 99%

Section: Comparison Analysis Of Related Protocolsmentioning

confidence: 99%

Section: Figurementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

On Secure Simple Pairing in Bluetooth Standard v5.0-Part I: Authenticated Link Key Security and Its Home Automation and Entertainment Applications

Sun

2019

Sensors

View full text Add to dashboard Cite

show abstract

“…Cha et al [20] deployed a privacy framework where the smartphones access the nearby IoT devices via the LE channel. Despite the increasing interest in the investigation of the LESSP security [21,22,23,24], previous work did not focus on the LESSP privacy. We examine the LESSP privacy under all possible means of privacy infringement, because the adversary must be expected to exploit any available privacy defects existing in the Bluetooth service.…”

Section: Introductionmentioning

confidence: 99%

On Secure Simple Pairing in Bluetooth Standard v5.0-Part II: Privacy Analysis and Enhancement for Low Energy

Sun

Yang

2019

Sensors

View full text Add to dashboard Cite

Bluetooth low energy devices are very popular in wireless personal area networks. According to the Bluetooth standard specifications, the low energy secure simple pairing (LESSP) protocol is the process by which the pairing devices negotiate the authenticated secret key. To violate the user privacy, the adversary can perhaps link the runs of the LESSP protocol to the targeted device, which usually relates to the specially appointed user. Hence, we investigate deep into the privacy of the LESSP protocol. Our main contributions are threefold: (1) We demonstrate that the LESSP protocol suffers from privacy vulnerability. That is, an adversary without any secret key is able to identify the targeted device by the LESSP protocol. (2) An improvement is therefore proposed to repair the privacy vulnerability in the LESSP protocol. (3) We develop a formal privacy model to evaluate the privacy vulnerabilities in the LESSP protocol and its improved versions. We further prove that our improvement on the LESSP protocol is private under the privacy model. In addition, the performance evaluation shows that our improvement is as efficient as the LESSP protocol. Our research results are beneficial to the privacy enhancement of Bluetooth systems in wireless personal area networks.

show abstract