BR/EDR security
Bluetooth security has existed as part of the protocol since 1.0 in some form. We discuss security for BR/EDR mode and BLE separately as the mechanisms are different. Starting with BR/EDR mode, there are multiple modes of authenticating and pairing. For both BR/EDR and BLE security, it is recommended to read and follow the latest security guide provided by the US National Institute of Standards and Technology: Guide to Bluetooth Security, NIST Special Publication (SP) 800-121 Rev. 2, NIST, 5/8/2017.
Pairing requires the generation of a secret symmetric key. In BR/EDR mode, this is called the link key, while in BLE mode it's termed the long-term key. Older Bluetooth devices used a Personal Identification Number (PIN) pairing mode to initiate link keys. Newer devices (4.1+) use Secure Simple Pairing.
Secure Simple Pairing (SSP) provides a pairing process with a number of different association models for various use cases. SSP also uses public key cryptography to protect against eavesdropping and man-in-the-middle (MITM) attacks. The models supported by SSP include:
- Numeric comparison: For use cases where both Bluetooth devices can display a six-digit numeric value allowing a user to enter a yes/no response on each device if the numbers match.
- Passkey entry: Used in situations where one device has a numeric display and the other only has a numeric keyboard. In this case, the user enters the value seen on the first device's display on the second device's keyboard.
- Just Works™: For situations where one device is headless and has no keyboard or display. It only provides minimal authentication and will not thwart a MITM attack.
- Out-of-band (OOB): This is used when the device has a secondary form of communication such as NFC or Wi-Fi. The secondary channel is used for discovery and cryptographic value exchange. It will only protect from eavesdropping and MITM if the OOB channel is secure.
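The following added example (not from the original text) shows how the association model, and with it the MITM protection, follows from what each device can display or accept as input, and flags device pairs in an inventory that end up without MITM protection. The IO capability names follow the Bluetooth Core Specification; the function names, the simplified selection rules and the inventory are assumptions constructed for illustration.

```python
from enum import Enum

class IOCap(Enum):
    DISPLAY_ONLY = "DisplayOnly"          # can show digits, no input
    DISPLAY_YES_NO = "DisplayYesNo"       # can show digits and take yes/no
    KEYBOARD_ONLY = "KeyboardOnly"        # numeric input, no display
    NO_INPUT_NO_OUTPUT = "NoInputNoOutput"  # headless

def select_model(a, b, oob_available=False):
    """Return (association model, mitm_protected) for two devices.

    mitm_protected is True, False, or None when it depends on the
    security of the out-of-band channel.
    """
    if oob_available:
        return ("Out-of-band", None)
    caps = {a, b}
    if IOCap.NO_INPUT_NO_OUTPUT in caps:
        return ("Just Works", False)       # headless side cannot confirm anything
    if IOCap.KEYBOARD_ONLY in caps:
        return ("Passkey entry", True)     # user types the six-digit value
    if caps == {IOCap.DISPLAY_YES_NO}:
        return ("Numeric comparison", True)  # user confirms on both devices
    # A display without yes/no input cannot confirm the value, so the
    # pairing is treated as unauthenticated (simplifying assumption).
    return ("Just Works", False)

def audit(pairs):
    """List the pairs whose association model does not guarantee MITM protection."""
    findings = []
    for name, a, b, oob in pairs:
        model, mitm = select_model(a, b, oob)
        if mitm is not True:
            reason = "no MITM protection" if mitm is False else "depends on OOB channel security"
            findings.append((name, model, reason))
    return findings

# Constructed inventory: (label, capability A, capability B, OOB channel available)
INVENTORY = [
    ("phone <-> car kit", IOCap.DISPLAY_YES_NO, IOCap.DISPLAY_YES_NO, False),
    ("laptop <-> keyboard", IOCap.DISPLAY_YES_NO, IOCap.KEYBOARD_ONLY, False),
    ("phone <-> headset", IOCap.DISPLAY_YES_NO, IOCap.NO_INPUT_NO_OUTPUT, False),
    ("phone <-> speaker (NFC tap)", IOCap.DISPLAY_YES_NO, IOCap.NO_INPUT_NO_OUTPUT, True),
]

if __name__ == "__main__":
    for name, model, reason in audit(INVENTORY):
        print(f"{name}: {model} ({reason})")
```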
Authentication in BR/EDR mode is a challenge-response action; for example, entering a PIN on a keypad. If the authentication fails, the device will wait for an interval before allowing a new attempt. The interval grows exponentially with each failed attempt. This is simply to frustrate the individual attempting to manually break a key code.
Encryption in BR/EDR mode can be set in one of three ways: disabled for all traffic, enabled for data traffic while broadcast communication remains raw, or enabled for all communication. The encryption uses AES-CCM cryptography.