A Secure Authentication Scheme for Bluetooth Connection

Recently, Bluetooth technology is widely used by organizations and individuals to provide wireless personal area network (WPAN) because the radio frequency (RF) waves can easily penetrate obstacles and can propagate without direct line-of-sight (LoS). However, there are serious security challenges associated with wireless communication systems since they are easier to eavesdrop, disrupt and jam than the wired systems. Bluetooth technology uses either legacy pairing or secure and simple pairing (SSP), however both are vulnerable to attacks such as eavesdropping and man-in-the-middle (MITM) attacks. Therefore, this paper has proposed a secure protocol that uses a double encryption to identify the slave. The implementation of this proposal is based on the Arduino Integrated Development Environment (IDE) as software and a Bluetooth (BT) Shield connected to an Arduino Uno R3 boards as hardware. The result was verified on a Graphical User Interface (GUI) built in Microsoft Visual Studio 2010. It has shown that the proposed scheme works perfectly and the protocol thwarts the passive and active eavesdropping which exist during SSP. These attacks are defeated by avoiding the exchange of passwords and public keys in plain text. Therefore, this protocol is expected to be implemented by the Bluetooth Specification Interest Group (SIG) to enhance the security in Bluetooth connection.