Bluetooth Secure Simple Pairing with enhanced security level

Gajbhiye, Samta; Karmakar, S.; Sharma, Manoj; Sharma, Sanjay

doi:10.1016/j.jisa.2018.11.009

Cited by 8 publications

(3 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For instance, instead of deleting keys, they downright deny connection to new users or allow insecure connections without bonding. The work in [42] details a MITM attack that can be launched against BLE. The authors showed that this vulnerability is due to the fact that a malicious entity can eavesdrop on the public keys of the devices during the initial phase of pairing.…”

Section: Blementioning

confidence: 99%

A State-of-the-Art Review on the Security of Mainstream IoT Wireless PAN Protocol Stacks

Kambourakis

Kolias²,

Geneiatakis³

et al. 2020

Symmetry

View full text Add to dashboard Cite

Protocol stacks specifically designed for the Internet of Things (IoT) have become commonplace. At the same time, security and privacy concerns regarding IoT technologies are also attracting significant attention given the risks that are inherently associated with the respective devices and their numerous applications, ranging from healthcare, smart homes, and cities, to intelligent transportation systems and industrial automation. Considering the still heterogeneous nature of the majority of IoT protocols, a major concern is to find common references for investigating and analyzing their security and privacy threats. To this end, and on top of the current literature, this work provides a comprehensive, vis-à-vis comparison of the security aspects of the thus far most widespread IoT Wireless Personal Area Network (WPAN) protocols, namely BLE, Z-Wave, ZigBee, Thread, and EnOcean. A succinct but exhaustive review of the relevant literature from 2013 up to now is offered as a side contribution.

show abstract

Section: Blementioning

confidence: 99%

A State-of-the-Art Review on the Security of Mainstream IoT Wireless PAN Protocol Stacks

Kambourakis

Kolias²,

Geneiatakis³

et al. 2020

Symmetry

View full text Add to dashboard Cite

show abstract

“…In the second place, the pairing of devices: for the correct pairing, the Bluetooth devices should be close enough depending on their transmission power and the level of security. It is observed that the higher the level of security, the larger the average time needed to establish a link (see, e.g., [ 20 ]). This may require a few seconds, which is far larger than the microseconds used to transmit data between our RF devices.…”

Section: Introductionmentioning

confidence: 99%

Mobile Clustering Scheme for Pedestrian Contact Tracing: The COVID-19 Case Study

Rivero-Ángeles

Barrera-Figueroa

Malfavón-Talavera

et al. 2021

Entropy

View full text Add to dashboard Cite

In the context of smart cities, there is a general benefit from monitoring close encounters among pedestrians. For instance, for the access control to office buildings, subway, commercial malls, etc., where a high amount of users may be present simultaneously, and keeping a strict record on each individual may be challenging. GPS tracking may not be available in many indoor cases; video surveillance may require expensive deployment (mainly due to the high-quality cameras and face recognition algorithms) and can be restrictive in case of low budget applications; RFID systems can be cumbersome and limited in the detection range. This information can later be used in many different scenarios. For instance, in case of earthquakes, fires, and accidents in general, the administration of the buildings can have a clear record of the people inside for victim searching activities. However, in the pandemic derived from the COVID-19 outbreak, a tracking that allows detecting of pedestrians in close range (a few meters) can be particularly useful to control the virus propagation. Hence, we propose a mobile clustering scheme where only a selected number of pedestrians (Cluster Heads) collect the information of the people around them (Cluster Members) in their trajectory inside the area of interest. Hence, a small number of transmissions are made to a control post, effectively limiting the collision probability and increasing the successful registration of people in close contact. Our proposal shows an increased success packet transmission probability and a reduced collision and idle slot probability, effectively improving the performance of the system compared to the case of direct transmissions from each node.

show abstract

“…However, in security mode 4, Secure Simple Pairing (SSP) is used instead. A series of works such as [8][9][10][11] address the security properties of SSP under the distinctive practical concerns. Authentication: this procedure applies to two paired devices and needs their shared link key generated by the previous procedure.…”

Section: Introductionmentioning

confidence: 99%

Privacy Enhancement on Unilateral Bluetooth Authentication Protocol for Mobile Crowdsensing

Sun

Zhong

2021

Security and Communication Networks

View full text Add to dashboard Cite

As an open standard for the short-range radio frequency communications, Bluetooth is suitable for Mobile Crowdsensing Systems (MCS). However, the massive deployment of personal Bluetooth-enabled devices also raises privacy concerns on their wielders. Hence, we investigate the privacy of the unilateral authentication protocol according to the recent Bluetooth standard v5.2. The contributions of the paper are twofold. (1) We demonstrate that the unilateral authentication protocol suffers from privacy weakness. That is, the attacker is able to identify the target Bluetooth-enabled device once he observed the device’s previous transmitted messages during the protocol run. More importantly, we analyze the privacy threat of the Bluetooth MCS, when the attacker exploits the proposed privacy weakness under the typical Internet of Things (IoT) scenarios. (2) An improved unilateral authentication protocol is therefore devised to repair the weakness. Under our formal privacy model, the improved protocol provably solves the traceability problem of the original protocol in the Bluetooth standard. Additionally, the improved protocol can be easily adapted to the Bluetooth standards because it merely employs the basic cryptographic components available in the standard specifications. In addition, we also suggest and evaluate two countermeasures, which do not need to modify the original protocol.

show abstract

Bluetooth Secure Simple Pairing with enhanced security level

Cited by 8 publications

References 3 publications

A State-of-the-Art Review on the Security of Mainstream IoT Wireless PAN Protocol Stacks

A State-of-the-Art Review on the Security of Mainstream IoT Wireless PAN Protocol Stacks

Mobile Clustering Scheme for Pedestrian Contact Tracing: The COVID-19 Case Study

Privacy Enhancement on Unilateral Bluetooth Authentication Protocol for Mobile Crowdsensing

Contact Info

Product

Resources

About