TY - GEN
T1 - On the security of password-based pairing protocol in Bluetooth
AU - Fan, Chia Ming
AU - Shieh, Shiuhpyng
AU - Li, Bing Han
PY - 2011
Y1 - 2011
N2 - Bluetooth is a popular wireless communication technique, providing connection between portable or stationary devices in close range. A procedure called pairing needs to be performed when two devices intend to connect with each other in order to form a trusted pair and generate secret keys to protect the link. There are several modes of Bluetooth pairing, and password-based is the most convenient and prevalent way. In this paper, we discover a potential vulnerability in the password-based pairing protocol of the latest Bluetooth v4.0 proposed in 2010, which makes password guessing possible. To cope with the problem, a new scheme is proposed which can mitigate the network threats, and is compatible with the hardware of legacy Bluetooth devices. Note that our modification does not affect Bluetooth users' custom. This makes it a suitable replacement for the new Bluetooth pairing protocol.
AB - Bluetooth is a popular wireless communication technique, providing connection between portable or stationary devices in close range. A procedure called pairing needs to be performed when two devices intend to connect with each other in order to form a trusted pair and generate secret keys to protect the link. There are several modes of Bluetooth pairing, and password-based is the most convenient and prevalent way. In this paper, we discover a potential vulnerability in the password-based pairing protocol of the latest Bluetooth v4.0 proposed in 2010, which makes password guessing possible. To cope with the problem, a new scheme is proposed which can mitigate the network threats, and is compatible with the hardware of legacy Bluetooth devices. Note that our modification does not affect Bluetooth users' custom. This makes it a suitable replacement for the new Bluetooth pairing protocol.
KW - Bluetooth PIN authentication
KW - Bluetooth pairing
KW - password-based authenticated key exchange
UR - http://www.scopus.com/inward/record.url?scp=83255165557&partnerID=8YFLogxK
U2 - 10.1109/APNOMS.2011.6076998
DO - 10.1109/APNOMS.2011.6076998
M3 - Conference contribution
AN - SCOPUS:83255165557
SN - 9781457716706
T3 - APNOMS 2011 - 13th Asia-Pacific Network Operations and Management Symposium: Managing Clouds, Smart Networks and Services, Final Program
BT - APNOMS 2011 - 13th Asia-Pacific Network Operations and Management Symposium
T2 - 13th Asia-Pacific Network Operations and Management Symposium: Managing Clouds, Smart Networks and Services, APNOMS 2011
Y2 - 21 September 2011 through 23 September 2011
ER -