Address Privacy of Bluetooth Low Energy
Abstract
:1. Introduction
1.1. Previous Work on Bluetooth Privacy
- Privacy of advertisement and device address. Some literature [13,14] focused on implementing the addresses privacy mechanisms for the LE devices. Some literature [15,16,17,18,19,20] showed that the advertising procedure possibly leaks the identity information of the LE devices and therefore enhances the privacy of the advertising procedure. Ludant et al. [21] reported that LE advertisements could link to Bluetooth classic frames and the device’s globally unique identifier (i.e., BDADDR) due to the bad design of Bluetooth chips. They also developed several mitigations for the Bluetooth stack. Very recently, regarding Bluetooth LE, Zhang and Lin [22] showed that the address randomization scheme using the message authentication code (MAC) is vulnerable to replay attacks and further suggested timestamps-based randomized MAC addresses.
- Privacy of secure connection. Secure connection is the basis for LE devices to achieve authentication, integrity, confidentiality and other security services. The task of secure connection is to establish the link key between devices. In [23], we demonstrated the privacy vulnerability of the secure connection due to the reuse of the Diffie–Hellman key, and enhanced the privacy of the secure connection. Zhang et al. [24] showed downgrade attacks on secure connections only (SCO) and built a prototype for the SCO mode on Android 8 atop Android open-source project (AOSP). Tschirschnitz et al. [25] described a design flaw in the pairing mechanism of Bluetooth called method confusion and proposed changes to the Bluetooth specification that immunize it against method confusion.
1.2. Bluetooth Address and Its Privacy
1.3. Our Contributions
- (1)
- Although both attacks exploit replaying the sniffed RPA values to probe whether a device will respond or not, Zhang and Lin’s attack focuses on the linkage relations among the obsolete RPA values, tracking the targeted device using a real-time tunnel, and tracking the absent device. Our attack aims to recognize the targeted device that currently runs the RPA mechanism.
- (2)
- Zhang and Lin proposed a timestamp-based RPA mechanism and discussed possibility of the synchronized sequence number-based RPA mechanism and storage-based RPA mechanism. Our improvement only employs the counter to prevent the existing attacks. Note that the counter is not a sequence number because it does not require strict synchronization. We argue that the trust timestamp is not easily available in the IoT environments.
- (3)
- We propose a formal model to evaluate the privacy of the RPA mechanisms and further prove that our improvement is private under the proposed privacy model. However, Zhang and Lin’s work does not evaluate their timestamp-based RPA mechanism using the provable security approach. In fact, it is impossible due to the timestamp.
2. RPA Mechanism
2.1. Flow of RPA Mechanism
2.1.1. Initial Connection Procedure
2.1.2. Reconnection Procedure
2.2. Generation and Resolution of RPA
3. Privacy Weakness in RPA Mechanism
4. Improved RPA Mechanism
4.1. Improved Initial Connection Procedure
4.2. Improved Reconnection Procedure
4.3. Processing RPA/Local RPA Counter/Peer RPA Counter
4.4. Perforamce Evaluation of Our Improvement
5. Privacy Evaluation of Improved RPA Mechanism
5.1. Model Definition
- sid: the unique identifier of Πi, j;
- IRKi and IRKj: i’s local IRK and i’s peer IRK with j;
- IAj: j’s IA;
- LCi and PCi: i’s local RPA counter and i’s peer RPA counter with j;
- tran: a transcript of i’s current run of Πi, j so far, i.e., the ordered set of packets transmitted and received by i so far;
- δ: a Boolean variable set to true or false denoting whether accepts or rejects at the end of the run of Πi, j.
5.1.1. Attacker
5.1.2. Privacy
|Pr[Pri-ExpΠ, E(k) = 1|b = 0]Pr[b = 0] + Pr[Pri-ExpΠ, E(k) = 1|b = 1]Pr[b = 1] −
Pr[Pri-ExpΠ, E(k) = 0|b = 0]Pr[b = 0] − Pr[Pri-ExpΠ, E(k) = 0|b = 1]Pr[b = 1]| ≤
|1/2 + (1 − ν)/2 − 0/2 − ν/2| = 1 − v.
5.2. Privacy Result of Improved RPA Mechanism and Its Proof
|Pr[D(1k, F(k, )) = 1] − Pr[D(1k, R()) = 1]| ≤ ε(k).
6. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- IEEE Std 802.15.1; IEEE Standard for Telecommunications and Information Exchange between Systems-LAN/MAN-Specific Requirements-Part 15: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Wireless Personal Area Networks (WPANs). IEEE: Piscataway, NJ, USA, 2002. Available online: https://ieeexplore.ieee.org/document/1016473 (accessed on 10 October 2022).
- Talasila, M.; Curtmola, R.; Borcea, C. Collaborative Bluetooth-based location authentication on smart phones. Pervasive Mob. Comput. 2015, 17, 43–62. [Google Scholar] [CrossRef]
- Draghici, A.; Van Steen, M. A survey of techniques for automatically sensing the behavior of a crowd. ACM Comput. Surv. 2018, 51, 21. [Google Scholar] [CrossRef] [Green Version]
- Specification of the Bluetooth System, Covered Core Package Version: 4.0, Master Table of Contents & Compliance Requirements, Bluetooth SIG Proprietary. Available online: https://www.bluetooth.com/specifications/specs/core-specification-4-0 (accessed on 10 October 2022).
- Specification of the Bluetooth System, Covered Core Package Version: 5.2, Master Table of Contents & Compliance Requirements, Bluetooth SIG Proprietary. Available online: https://www.bluetooth.com/specifications/specs/core-specification-5-2 (accessed on 10 October 2022).
- Specification of the Bluetooth System, Covered Core Package Version: 5.3, Master Table of Contents & Compliance Requirements, Bluetooth SIG Proprietary. Available online: https://www.bluetooth.com/specifications/specs/core-specification-5-3 (accessed on 10 October 2022).
- Sun, D.Z.; Li, X.H. Vulnerability and Enhancement on Bluetooth Pairing and Link Key Generation Scheme for Security Modes 2 and 3. In Proceedings of the 18th International Conference on Information and Communications Security (ICICS’16), Singapore, 29 November–2 December 2016; Lam, K.Y., Chi, C.H., Eds.; Lecture Notes in Computer Science. Springer: Cham, Switzerland, 2016; Volume 9977, pp. 403–417. [Google Scholar]
- Sun, D.Z.; Mu, Y.; Susilo, W. Man-in-the-middle attacks on secure simple pairing in Bluetooth standard v5.0 and its countermeasure. Pers. Ubiquit. Comput. 2017, 22, 55–67. [Google Scholar] [CrossRef] [Green Version]
- Hassan, S.S.; Bibon, S.D.; Hossain, M.S.; Atiquzzaman, M. Security threats in Bluetooth technology. Comput. Secur. 2018, 74, 308–322. [Google Scholar] [CrossRef]
- Sun, D.Z.; Sun, L. On secure simple pairing in Bluetooth standard v5.0-part i: Authenticated link key security and its home automation and entertainment applications. Sensors 2019, 19, 1158. [Google Scholar] [CrossRef] [PubMed] [Green Version]
- Padgette, J.; Bahr, J.; Batra, M.; Holtmann, M.; Smithbey, R.; Chen, L.; Scarfone, K. Guide to Bluetooth Security. National Institute of Standards and Technology, U.S. Department of Commerce, Special Publication 800-121 Revision 2, May 2017. Available online: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-121r2.pdf (accessed on 10 October 2022).
- Cȁsar, M.; Pawelke, T.; Steffan, J.; Terhorst, G. A survey on Bluetooth low energy security and privacy. Comput. Netw. 2022, 205, 108712. [Google Scholar] [CrossRef]
- Gibbs, J. BLE and Laird’s BL6x0 Series & BT900 Modules: A Guide to Security and Privacy. EECatalog. 2014. Available online: https://www.lairdconnect.com/resources/white-papers/ble-and-lairds-bl6x0-series-bt900-modules-guide-security-and-privacy (accessed on 10 October 2022).
- AN99209. PSoC® 4 BLE and PRoC™ BLE: Bluetooth LE 4.2 Features. CYPRESS. 2017. Available online: https://www.cypress.com/file/224826/download (accessed on 10 October 2022).
- Wang, P. Bluetooth Low Energy—Privacy Enhancement for Advertisement. Ph.D. Thesis, Norwegian University of Science and Technology, Trondheim, Norway, June 2014. [Google Scholar]
- Das, A.K.; Pathak, P.H.; Chuah, D.N.; Mohapatra, P. Uncovering Privacy Leakage in BLE Network Traffic of Wearable Fitness Trackers. In Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications (HotMobile’16), St. Augustine, FL, USA, 23–24 February 2016; Association for Computing Machinery: New York, NY, USA, 2016; pp. 99–104. [Google Scholar]
- Fawaz, K.; Kim, K.H.; Shin, K.G. Protecting Privacy of BLE Device Users. In Proceedings of the 25th USENIX Security Symposium (USENIX Security’16), Austin, TX, USA, 10–12 August 2016; USENIX Association: Berkeley, CA, USA, 2016; pp. 1205–1221. [Google Scholar]
- Issoufaly, T.; Tournoux, P.U. BLEB: Bluetooth Low Energy Botnet for Large Scale Individual Tracking. In Proceedings of the 1st International Conference on Next Generation Computing Applications (NextComp’17), Flic-en-Flac, Mauritius, 19–21 July 2017; IEEE: New York, NY, USA, 2017; pp. 115–120. [Google Scholar]
- Korolova, A.; Sharma, V. Cross-App Tracking via Nearby Bluetooth Low Energy Devices. In Proceedings of the 8th ACM Conference on Data and Application Security and Privacy (CODASPY’18), Tempe, AZ, USA, 19–21 March 2018; Association for Computing Machinery: New York, NY, USA, 2018; pp. 43–52. [Google Scholar]
- Wu, J.L.; Nan, Y.H.; Kumar, V.; Payer, M.; Xu, D.Y. BlueShield: Detecting Spoofing Attacks in Bluetooth Low Energy Networks. In Proceedings of the 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID’20), San Sebastian, Spain, 14–16 October 2020; USENIX Association: Berkeley, CA, USA, 2020; pp. 397–411. [Google Scholar]
- Ludant, N.; Vo-Huu, T.D.; Narain, S.; Noubir, G. Linking Bluetooth LE & Classic and Implications for Privacy-Preserving Bluetooth-Based Protocols. In Proceedings of the 2021 IEEE Symposium on Security and Privacy (SP’21), Virtual Event, 24–27 May 2021; IEEE Computer Society: Los Alamitos, CA, USA, 2021; pp. 1318–1331. [Google Scholar]
- Zhang, Y.; Lin, Z.Q. When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-Based Side Channel and Its Countermeasure. In Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS’22), Los Angeles, CA, USA, 7–11 November 2022; Association for Computing Machinery: New York, NY, USA, 2022; pp. 3181–3194. [Google Scholar]
- Sun, D.Z.; Sun, L.; Yang, Y. On secure simple pairing in Bluetooth standard v5.0-part ii: Privacy analysis and enhancement for low energy. Sensors 2019, 19, 3259. [Google Scholar] [CrossRef] [PubMed] [Green Version]
- Zhang, Y.; Weng, J.; Dey, R.; Jin, Y.E.; Lin, Z.Q.; Fu, X.W. Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks. In Proceedings of the 29th USENIX Security Symposium (USENIX Security’20), Virtual Event, 12–14 August 2020; USENIX Association: Berkeley, CA, USA, 2020; pp. 37–54. [Google Scholar]
- von Tschirschnitz, M.; Peuckert, L.; Franzen, F.; Grossklags, J. Method Confusion Attack on Bluetooth Pairing. In Proceedings of the 2021 IEEE Symposium on Security and Privacy (SP’21), Virtual Event, 24–27 May 2021; IEEE Computer Society: Los Alamitos, CA, USA, 2021; pp. 1332–1347. [Google Scholar]
- Bello-Ogunu, E.; Shehab, M.; Miazi, N.S. Privacy Is the Best Policy: A Framework for BLE Beacon Privacy Management. In Proceedings of the 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC’19), Milwaukee, WI, USA, 15–19 July 2019; IEEE Computer Society: New York, NY, USA, 2019; pp. 823–832. [Google Scholar]
- Chen, Z.; Hu, H.B.; Yu, J.L. Privacy-Preserving Large-Scale Location Monitoring Using Bluetooth Low Energy. In Proceedings of the 11th International Conference on Mobile Ad-Hoc and Sensor Networks (MSN’15), Shenzhen, China, 16–18 December 2015; IEEE Computer Society: New York, NY, USA, 2015; pp. 69–78. [Google Scholar]
- Cha, S.C.; Chuang, M.S.; Yeh, K.H.; Huang, Z.J.; Su, C. A user-friendly privacy framework for users to achieve consents with nearby BLE devices. IEEE Access 2018, 6, 20779–20787. [Google Scholar] [CrossRef]
- IEEE Std 802-2014 (Revision to IEEE Std 802-2001); IEEE Standard for Local and Metropolitan Area Networks: Overview and Architecture. IEEE: Piscataway, NJ, USA, 2014. Available online: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6847097 (accessed on 10 October 2022).
- FIPS 197; Specification for the Advanced Encryption Standard (AES), Federal Information Processing Standards Publication (FIPS PUB) 197. National Institute of Standards and Technology: Gaithersburg, MD, USA, 2001. Available online: https://csrc.nist.gov/csrc/media/publications/fips/197/final/documents/fips-197.pdf (accessed on 10 October 2022).
- Katz, J.; Lindell, Y. Introduction to Modern Cryptography: Principles and Protocols, 3rd ed.; Chapman & Hall/CRC: Boca Raton, FL, USA, 2020; pp. 75–84. [Google Scholar]
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Sun, D.; Tian, Y. Address Privacy of Bluetooth Low Energy. Mathematics 2022, 10, 4346. https://doi.org/10.3390/math10224346
Sun D, Tian Y. Address Privacy of Bluetooth Low Energy. Mathematics. 2022; 10(22):4346. https://doi.org/10.3390/math10224346
Chicago/Turabian StyleSun, Dazhi, and Yangguang Tian. 2022. "Address Privacy of Bluetooth Low Energy" Mathematics 10, no. 22: 4346. https://doi.org/10.3390/math10224346