Fake It till You Make It: Enhancing Security of Bluetooth Secure Connections via Deferrable Authentication
The Bluetooth protocol for wireless connection between devices comes with several security measures toprotect confidentiality and integrity of data. At the heart of these security protocols lies the SecureSimple Pairing, wherewith the devices can negotiate a shared key before communicating sensitivedata. Despite the good intentions, the Bluetooth security protocol has repeatedly been shown tobe vulnerable, especially with regard to active attacks on the Secure Simple Pairing.
In the talk, we present a mechanism to limit active attacks on the Secure Connections protocol (the more secure version of the Secure Simple Pairing protocol), without infringing on the current Bluetooth protocol stack specification. The idea is to run an authentication protocol, like a classical challenge-response step for certified keys, within the existing infrastructure, even at a later, more convenient point in time. Not only does this authentication step ensure freshness of future encryption keys, but an interesting feature is that it—a posteriori—also guarantees security of previously derived encryption keys. This approach prevents a large set of known attacks on the Bluetooth protocol.
- Series:
- Cryptography Talk Series
- Date:
- Speakers:
- Olga Sanina
Series: Cryptography Talk Series
-
-
How to Compress Garbled Circuit Input Labels, Efficiently
Speakers:- Hanjun Li
-
Attestations over TLS 1.3 and ZKP
Speakers:- Sofía Celi
-
A Closer Look at Falcon
Speakers:- Jonas Janneck
-
Quantum Lattice Enumeration in Limited Depth, Fernando Virdia
Speakers:- Fernando Virdia
-
-
Improving the Security of United States Elections with Robust Optimization
Speakers:- Brad Sturt
-
TrustRate: A Decentralized Platform for Hijack-Resistant Anonymous Reviews
Speakers:- Rohit Dwivedula
