Authentication and authenticated key exchanges
Designs, Codes and Cryptography
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Authenticated Multi-Party Key Agreement
ASIACRYPT '96 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Unknown Key-Share Attacks on the Station-to-Station (STS) Protocol
PKC '99 Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography
Protocols for Key Establishment and Authentication
Protocols for Key Establishment and Authentication
One-Pass EAP-AKA Authentication in 3G-WLAN Integrated Networks
Wireless Personal Communications: An International Journal
Usability and security of out-of-band channels in secure device pairing protocols
Proceedings of the 5th Symposium on Usable Privacy and Security
Security associations in personal networks: a comparative analysis
ESAS'07 Proceedings of the 4th European conference on Security and privacy in ad-hoc and sensor networks
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Two practical man-in-the-middle attacks on bluetooth secure simple pairing and countermeasures
IEEE Transactions on Wireless Communications
Robust Deniable Authentication Protocol
Wireless Personal Communications: An International Journal
Authentication and ID-Based Key Management Protocol in Pervasive Environment
Wireless Personal Communications: An International Journal
Secure communications over insecure channels based on short authenticated strings
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
| Hi-index | 0.00 |
This paper analyzes the security of Bluetooth v4.0's Secure Simple Pairing (SSP) protocol, for both the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) and Bluetooth Low Energy (LE) operational modes. Bluetooth v4.0 is the latest version of a wireless communication standard for low-speed and low-range data transfer among devices in a human's PAN. It allows increased network mobility among devices such as headsets, PDAs, wireless keyboards and mice. A pairing process is initiated when two devices desire to communicate, and this pairing needs to correctly authenticate devices so that a secret link key is established for secure communication. What is interesting is that device authentication relies on humans to communicate verification information between devices via a human-aided out-of-band channel. Bluetooth v4.0's SSP protocol is designed to offer security against passive eavesdropping and man-in-the-middle (MitM) attacks. We conduct the first known detailed analysis of SSP for all its MitM-secure models. We highlight some issues related to exchange of public keys and use of the passkey in its models and discuss how to treat them properly.