Title :
On the security of password-based pairing protocol in Bluetooth
Author :
Fan, Chia-Ming ; Shieh, Shiuhpyng ; Li, Bing-Han
Author_Institution :
Dept. of Comput. Sci., Nat. Chiao Tung Univ., Hsinchu, Taiwan
Abstract :
Bluetooth is a popular wireless communication technique, providing connection between portable or stationary devices in close range. A procedure called pairing needs to be performed when two devices intend to connect with each other in order to form a trusted pair and generate secret keys to protect the link. There are several modes of Bluetooth pairing, and password-based is the most convenient and prevalent way. In this paper, we discover a potential vulnerability in the password-based pairing protocol of the latest Bluetooth v4.0 proposed in 2010, which makes password guessing possible. To cope with the problem, a new scheme is proposed which can mitigate the network threats, and is compatible with the hardware of legacy Bluetooth devices. Note that our modification does not affect Bluetooth users´ custom. This makes it a suitable replacement for the new Bluetooth pairing protocol.
Keywords :
Bluetooth; protocols; radiocommunication; telecommunication security; Bluetooth v4.0 device; password-based pairing protocol security; wireless communication technique; Authentication; Bluetooth; Cryptography; Elliptic curves; Protocols; Bluetooth PIN authentication; Bluetooth pairing; password-based authenticated key exchange;
Conference_Titel :
Network Operations and Management Symposium (APNOMS), 2011 13th Asia-Pacific
Conference_Location :
Taipei
Print_ISBN :
978-1-4577-1668-3
DOI :
10.1109/APNOMS.2011.6076998
