e-space
Manchester Metropolitan University's Research Repository

    A secure authentication protocol against the co-located app attack in BLE

    Raza, Ali, Khan, Safiullah ORCID logoORCID: https://orcid.org/0000-0001-8342-6928 and Hwang, Seong Oun ORCID logoORCID: https://orcid.org/0000-0003-4240-6255 (2020) A secure authentication protocol against the co-located app attack in BLE. IEIE Transactions on Smart Processing and Computing, 9 (5). pp. 399-404.

    [img] Published Version
    File not available for download.
    Available under License In Copyright.

    Download (612kB)

    Abstract

    Bluetooth Low Energy (BLE) is used for periodic transmission of smaller data packages called attributes. BLE remains in sleep mode at all times except when participating in a data exchange, which reduces overall energy consumption. For secure communication, BLE devices need to pair first. The pairing has two or three phases. We say two or three phases because the third phase is optional and happens only if the devices are going to bond. The second pairing phase is made using a secure pairing scheme, but the third phase remains vulnerable to an attack named the co-located application (app) attack: a malicious app gets the same level of access to the paired protected data as the legitimate app. We provide an authentication protocol to mitigate this attack. Furthermore, we analyze the security of BLE communications after bonding, with or without our proposed protocol. Moreover, we also analyze the efficiency of the proposed protocol, and conclude that our proposed scheme makes BLE communications secure against the co-located app attack and is efficient enough to be practical.

    Impact and Reach

    Statistics

    Activity Overview
    6 month trend
    1Download
    6 month trend
    12Hits

    Additional statistics for this dataset are available via IRStats2.

    Altmetric

    Repository staff only

    Edit record Edit record