An Enhanced Passkey Entry Protocol for Secure Simple Pairing in Bluetooth
This work addresses security vulnerabilities in Bluetooth pairing for device users, but it is incremental as it builds on existing protocols.
The authors tackled the problem of securing Bluetooth pairing against eavesdropping and MITM attacks by enhancing the passkey entry protocol, resulting in a more secure and efficient method applicable to both BR/EDR and Bluetooth LE devices.
In this paper, we propose a simple enhancement for the passkey entry protocol in the authentication stage 1 of Secure Simple Pairing using preexisting cryptographic hash functions and random integer generation present in the protocol. The new protocol is more secure and efficient than previous known protocols. Our research mainly focuses on strengthening the passkey entry protocol and protecting the devices against passive eavesdropping and active Man-in-the-middle (MITM) attacks in both Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) and Bluetooth Low Energy (Bluetooth LE). This method can be used for any device which uses the passkey entry protocol.