Security Improvement of Bluetooth: Implementation of Security Improvement of Bluetooth
Authors
Girges, Emad ; Ayyoub, Ahmad
Term
4. term
Publication year
2009
Pages
207
Abstract
Dette speciale foreslår en måde at styrke sikkerheden i Bluetooth på, med interaktioner mellem en kunde og et shoppingcenter som hovedeksempel. Bluetooth har kendte svagheder, der kan udsætte enheder for angreb. Designet fokuserer på at opbygge en sikker forbindelse og kommunikationskanal mellem kunden og shoppingcenteret og kan tilpasses andre sammenhænge. Rapporten forklarer grundlæggende sikkerhedsbegreber og giver et overblik over Bluetooth-protokoller for at motivere designet. Løsningen giver gensidig autentifikation mellem parterne og sikrer kommunikationskanalen med Diffie-Hellman-nøgleudveksling, en metode hvor to enheder kan blive enige om en fælles hemmelighed uden at afsløre den, hvilket mindsker risikoen for aflytning. Den gør også PIN-bekræftelse sværere at gætte og bruger app-baserede tiltag til at forhindre, at en angriber kan se koden fysisk under opsætningen, hvilket styrker initialisering/parring. Overordnet sigter designet mod at afhjælpe flere svagheder ved at introducere en ny sikkerhedsprotokol, der ikke tidligere er brugt med Bluetooth, hvilket reducerer almindelige risici og blokerer flere typer angreb i shoppingcenter-scenariet og ud over det.
This thesis proposes a way to strengthen Bluetooth security, using interactions between a customer and a shopping centre as the main example. Bluetooth has known weaknesses that can expose devices to attacks. The design focuses on building a secure connection and communication channel between the customer and the shopping centre and is intended to be adaptable to other settings. The report explains core security concepts and provides an overview of Bluetooth protocols to motivate the design. The solution offers mutual authentication between the parties and secures the communication channel with Diffie-Hellman key exchange, a method that lets two devices agree on a shared secret without revealing it, reducing the risk of eavesdropping. It also makes PIN confirmation harder to guess and uses application-based measures to prevent attackers from seeing the code physically during setup, thereby strengthening initialization/pairing. Overall, the design aims to address multiple weaknesses by introducing a new security protocol not previously used with Bluetooth, reducing common risks and blocking several types of attacks in the shopping-centre scenario and beyond.
[This abstract was generated with the help of AI]
Documents