PHAN, R.C.-W. and MINGARD, P., 2012. Analyzing the secure simple pairing in Bluetooth v4.0. Wireless Personal Communications, 64 (4), pp. 719-737.
This paper analyzes the security of Bluetooth v4.0’s Secure Simple Pairing
(SSP) protocol, for both the Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR)
and Bluetooth Low Energy (LE) operational modes. Bluetooth v4.0 is the latest version
of a wireless communication standard for low-speed and low-range data transfer among
devices in a human’s PAN. It allows increased network mobility among devices such
as headsets, PDAs, wireless keyboards and mice. A pairing process is initiated when
two devices desire to communicate, and this pairing needs to correctly authenticate
devices so that a secret link key is established for secure communication. What is
interesting is that device authentication relies on humans to communicate verification
information between devices via a human-aided out-of-band channel. Bluetooth v4.0’s
SSP protocol is designed to offer security against passive eavesdropping and
man-in-the-middle (MitM) attacks. We conduct the first known detailed analysis of SSP for all
its MitM-secure models. We highlight some issues related to exchange of public keys
and use of the passkey in its models and discuss how to treat them properly.
The original publication is available at www.springerlink.com