43 research outputs found

    An enhanced passkey entry protocol for secure simple pairing in bluetooth

    Bluetooth devices are being used very extensively in today's world. From simple wireless headsets to maintaining an entire home network, the Bluetooth technology is used everywhere. However, there are still vulnerabilities present in the pairing process of Bluetooth which leads to serious security issues resulting in data theft and manipulation. We scrutinize the passkey entry protocol in Secure Simple Pairing in the Bluetooth standard v5.2. In this thesis, we propose a simple enhancement for the passkey entry protocol in the authentication stage 1 of Secure Simple Pairing (SSP) using preexisting cryptographic hash functions and random integer generation present in the protocol. Our research mainly focuses on strengthening the passkey entry protocol and protecting the devices against passive eavesdropping and active Man-in-the-middle (MITM) attacks in both Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) and Bluetooth Low Energy (BLE). In addition to increasing the security of the protocol, our proposed model will also significantly reduce the computation cost and the communication cost of the protocol. This model can be implemented for any Bluetooth device which uses the passkey entry protocol and is of version 4.2 or greater

    Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm

    Recently, Bluetooth technology is widely used by organizations and individuals to provide wireless personal area network (WPAN). This is because the radio frequency (RF) waves can easily penetrate obstacles and can propagate without direct line-of-sight (LoS). These two characteristics have led to replace wired communication by wireless systems. However, there are serious security challenges associated with wireless communication systems because they are easier to eavesdrop, disrupt and jam than the wired systems. Bluetooth technology started with a form of pairing called legacy pairing prior to any communication. However, due to the serious security issues found in the legacy pairing, a secure and simple pairing called SPP was announced with Bluetooth 2.1 and later since 2007. SPP has solved the main security issue which is the weaknesses of the PIN code in the legacy pairing, however it has been found with some vulnerabilities such as eavesdropping and man-in-the-middle (MITM) attacks. Since the discovery of these vulnerabilities, some enhancements have been proposed to the Bluetooth Specification Interest Group (SIG) which is the regulatory body of Bluetooth technology; nevertheless, some proposed enhancements are ineffective or are not yet implemented by Manufacturers. Therefore, an improvement of the security authentication in Bluetooth connection is highly required to overcome the existing drawbacks. This proposed protocol uses Hash-based Message Authentication Code (HMAC) algorithm with Secure Hash Algorithm (SHA-256). The implementation of this proposal is based on the Arduino Integrated Development Environment (IDE) as software and a Bluetooth (BT) Shield connected to an Arduino Uno R3 boards as hardware. The result was verified on a Graphical User Interface (GUI) built in Microsoft Visual Studio 2010 with C sharp as default environment. It has shown that the proposed scheme works perfectly with the used hardware and software. In addition, the protocol thwarts the passive and active eavesdropping attacks which exist during SSP. These attacks are defeated by avoiding the exchange of passwords and public keys in plain text between the Master and the Slave. Therefore, this protocol is expected to be implemented by the SIG to enhance the security in Bluetooth connection

    Security and Privacy in Bluetooth Low Energy

    The Insecurity of Things (IoT)

    Convenience is important to everyone. In our fast-paced society, people are willing to pay for devices that can save them time, even if it is just a few minutes. Over the past few years, the Internet of Things (IoT), or smart devices, have become a popular way for people to leverage technology in order to save them time. These devices can be used in every area of a home, including the entryways, the kitchen, and the living room. While all of these devices make daily life more convenient, their lack of security makes hackers’ lives more convenient, too. The majority of IoT devices lack basic security features and most consumers install the devices in their homes with the default settings. This provides cyber criminals with the means to hack into a system with minimal time and effort. I focused on the security of a popular smart device, the smart light bulb. I compared the security features of two different smart light bulbs by running a series of penetration tests against them. The main aspects of the light bulbs that were tested include the phone application that controlled the light bulb and the Bluetooth protocol that the phone application used to communicate with the light bulb. These tests show the lack of security in common IoT devices is a serious problem that cyber criminals could take advantage of

    On the Security of Bluetooth Low Energy in Two Consumer Wearable Heart Rate Monitors/Sensing Devices

    Since its inception in 2013, Bluetooth Low Energy (BLE) has become the standard for short-distance wireless communication in many consumer devices, as well as special-purpose devices. In this study, we analyze the security features available in Bluetooth LE standards and evaluate the features implemented in two BLE wearable devices (a Fitbit heart rate wristband and a Polar heart rate chest wearable) and a BLE keyboard to explore which security features in the BLE standards are implemented in the devices. In this study, we used the ComProbe Bluetooth Protocol Analyzer, along with the ComProbe software to capture the BLE traffic of these three devices. We found that even though the standards provide security mechanisms, because the Bluetooth Special Interest Group does not require that manufacturers fully comply with the standards, some manufacturers fail to implement proper security mechanisms. The circumvention of security in Bluetooth devices could leak private data that could be exploited by rogue actors/hackers, thus creating security, privacy, and, possibly, safety issues for consumers and the public. We propose the design of a Bluetooth Security Facts Label (BSFL) to be included on a Bluetooth/BLE enabled device’s commercial packaging and conclude that there should be better mechanisms for informing users about the security and privacy provisions of the devices they acquire and use and to educate the public on protection of their privacy when buying a connected device

    A proof-of-proximity framework for device pairing in ubiquitous computing environments

    Ad hoc interactions between devices over wireless networks in ubiquitous computing environments present a security problem: the generation of shared secrets to initialize secure communication over a medium that is inherently vulnerable to various attacks. However, these ad hoc scenarios also offer the potential for physical security of spaces and the use of protocols in which users must visibly demonstrate their presence and/or involvement to generate an association. As a consequence, recently secure device pairing has had significant attention from a wide community of academic as well as industrial researchers and a plethora of schemes and protocols have been proposed, which use various forms of out-of-band exchange to form an association between two unassociated devices. These protocols and schemes have different strengths and weaknesses – often in hardware requirements, strength against various attacks or usability in particular scenarios. From ordinary user's point of view, the problem then becomes which to choose or which is the best possible scheme in a particular scenario. We advocate that in a world of modern heterogeneous devices and requirements, there is a need for mechanisms that allow automated selection of the best protocols without requiring the user to have an in-depth knowledge of the minutiae of the underlying technologies. Towards this, the main argument forming the basis of this dissertation is that the integration of a discovery mechanism and several pairing schemes into a single system is more efficient from a usability point of view as well as security point of view in terms of dynamic choice of pairing schemes. In pursuit of this, we have proposed a generic system for secure device pairing by demonstration of physical proximity. Our main contribution is the design and prototype implementation of Proof-of-Proximity framework along with a novel Co-Location protocol. Other contributions include a detailed analysis of existing device pairing schemes, a simple device discovery mechanism, a protocol selection mechanism that is used to find out the best possible scheme to demonstrate the physical proximity of the devices according to the scenario, and a usability study of eight pairing schemes and the proposed system

    THE BLE CLOAKER: SECURING IMPLANTABLE MEDICAL DEVICE COMMUNICATION OVER BLUETOOTH LOW ENERGY LINKS

    Historically Implantable Medical Devices (IMDs) such as pacemakers have only been able to communicate to external devices through close proximity means of communication, primarily through inductive telemetry. Because of the unlikelihood of an adversary being able to gain access to an IMD through this type of communication, these devices were never designed with security in mind. However the recent advent of IMDs that are equipped with long-range wireless capabilities has made it necessary to consider how to secure these devices from malicious attacks. This work presents an implementation of prior work that developed a theoretical security model whose specific intent was to secure IMDs with long-range wireless capabilities against both passive and active adversaries, while also ensuring the safety of the patient. This implementation is known as the Bluetooth Low Energy (BLE) Cloaker model and provides a prototype system that uses BLE as the long-range communication medium between an emulated IMD, an external programmer, and the BLE Cloaker device itself. The BLE Cloaker acts as a secure data proxy between the IMD and the external programmer. This prototype shows the benefits and drawbacks of this theoretical model when used in a real world system as well as the security strengths and weaknesses of using BLE as the wireless link in a medical application

    The Applications of the Internet of things in the Medical Field

    The Internet of Things (IoT) paradigm promises to make “things” include a more generic set of entities such as smart devices, sensors, human beings, and any other IoT objects to be accessible at any time and anywhere. IoT varies widely in its applications, and one of its most beneficial uses is in the medical field. However, the large attack surface and vulnerabilities of IoT systems need to be secured and protected. Security is a requirement for IoT systems in the medical field where the Health Insurance Portability and Accountability Act (HIPAA) applies. This work investigates various applications of IoT in healthcare and focuses on the security aspects of the two internet of medical things (IoMT) devices: the LifeWatch Mobile Cardiac Telemetry 3 Lead (MCT3L), and the remote patient monitoring system of the telehealth provider Vivify Health, as well as their implementations