On the security of password-based pairing protocol in Bluetooth

Chia Ming Fan*, Shiuhpyng Shieh, Bing Han Li

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations

Abstract

Bluetooth is a popular wireless communication technique, providing connection between portable or stationary devices in close range. A procedure called pairing needs to be performed when two devices intend to connect with each other in order to form a trusted pair and generate secret keys to protect the link. There are several modes of Bluetooth pairing, and password-based is the most convenient and prevalent way. In this paper, we discover a potential vulnerability in the password-based pairing protocol of the latest Bluetooth v4.0 proposed in 2010, which makes password guessing possible. To cope with the problem, a new scheme is proposed which can mitigate the network threats, and is compatible with the hardware of legacy Bluetooth devices. Note that our modification does not affect Bluetooth users' custom. This makes it a suitable replacement for the new Bluetooth pairing protocol.

Original languageEnglish
Title of host publicationAPNOMS 2011 - 13th Asia-Pacific Network Operations and Management Symposium
Subtitle of host publicationManaging Clouds, Smart Networks and Services, Final Program
DOIs
StatePublished - 15 Dec 2011
Event13th Asia-Pacific Network Operations and Management Symposium: Managing Clouds, Smart Networks and Services, APNOMS 2011 - Taipei, Taiwan
Duration: 21 Sep 201123 Sep 2011

Publication series

NameAPNOMS 2011 - 13th Asia-Pacific Network Operations and Management Symposium: Managing Clouds, Smart Networks and Services, Final Program

Conference

Conference13th Asia-Pacific Network Operations and Management Symposium: Managing Clouds, Smart Networks and Services, APNOMS 2011
CountryTaiwan
CityTaipei
Period21/09/1123/09/11

Keywords

  • Bluetooth pairing
  • Bluetooth PIN authentication
  • password-based authenticated key exchange

Fingerprint Dive into the research topics of 'On the security of password-based pairing protocol in Bluetooth'. Together they form a unique fingerprint.

Cite this