Journal
PERSONAL AND UBIQUITOUS COMPUTING
Volume 22, Issue 1, Pages 55-67Publisher
SPRINGER LONDON LTD
DOI: 10.1007/s00779-017-1081-6
Keywords
Bluetooth standard; Secure Simple Pairing; Passkey entry; Man-in-the-middle attack; Home network system
Funding
- China Scholarship Council
- Open Project of Shanghai Key Laboratory of Trustworthy Computing [07dz22304201402]
Ask authors/readers for more resources
Bluetooth devices are widely employed in the home network systems. It is important to secure the home members' Bluetooth devices, because they always store and transmit personal sensitive information. In the Bluetooth standard, Secure Simple Pairing (SSP) is an essential security mechanism for Bluetooth devices. We examine the security of SSP in the recent Bluetooth standard V5.0. The passkey entry association model in SSP is analyzed under the man-in-the-middle (MITM) attacks. Our contribution is twofold. (1) We demonstrate that the passkey entry association model is vulnerable to the MITM attack, once the host reuses the passkey. (2) An improved passkey entry protocol is therefore designed to fix the reusing passkey defect in the passkey entry association model. The improved passkey entry protocol can be easily adapted to the Bluetooth standard, because it only uses the basic cryptographic components existed in the Bluetooth standard. Our research results are beneficial to the security enhancement of Bluetooth devices in the home network systems.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available