一种从设备零秘密存储的蓝牙密钥协商方案
|
摘要
针对现有蓝牙配对协议难以抵抗中间人攻击、复制攻击的问题,提出了一种从设备零秘密存储的蓝牙密钥协商方案。该方案利用物理不可克隆函数(Physical Unclonable Functions,PUF),在从设备不存储任何秘密参数的情况下,通过"三次握手"实现主设备与从设备的双向认证及链路密钥协商。理论分析和实验结果表明,该方案不仅具有较高的安全性,而且通信、计算和存储开销均较小。
To solve the problem that the existing bluetooth pairing protocol is difficult to resist the man-in-the-middle attacks and replication attacks,a bluetooth key agreement scheme with zero secret storage in slave device was proposed.By using the Physical Unclonable Functions(PUF),this scheme realized the mutual authentication and link key agreement between the master device and the slave device through "three-time handshake" in the case that the slave device need not store any secret parameters.Theoretical analysis and experimental results show that the proposed scheme not only has high security,but also needs less communication,calculation and storage cost.
To solve the problem that the existing bluetooth pairing protocol is difficult to resist the man-in-the-middle attacks and replication attacks,a bluetooth key agreement scheme with zero secret storage in slave device was proposed.By using the Physical Unclonable Functions(PUF),this scheme realized the mutual authentication and link key agreement between the master device and the slave device through "three-time handshake" in the case that the slave device need not store any secret parameters.Theoretical analysis and experimental results show that the proposed scheme not only has high security,but also needs less communication,calculation and storage cost.
引文
[1] RAZA S,MISRA P,HE Z,et al.Building the Internet of Things with Bluetooth smart[J].Ad Hoc Networks,2017,57:19-31.
[2] Bluetooth SIG.Specification of the Bluetooth system:core pac- kage version 4.0[EB/OL].http://www.bluetooth.org,2009.
[3] PHAN R C W,MINGARD P.Analyzing the secure simple pairing in Bluetooth v4.0[J].Wireless Personal Communications,2012,64(4):719-737.
[4] BARNICKEL J,WANG J,MEYER U.Implementing an attack on bluetooth 2.1+ secure simple pairing in passkey entry mode[C]//IEEE International Conference on Trust,Security and Privacy in Computing and Communications.Liverpool:IEEE Press,2012:17-24.
[5] HAATAJA K,TOIVANEN P.Two practical man-in-the-middle attacks on bluetooth secure simple pairing and countermeasures[J].IEEE Transactions on Wireless Communications,2010,9(1):384-392.
[6] PERREY H,UGUS O,WESTHOFF D.WiSec’2011 poster:security enhancement for bluetooth low energy with Merkle’s puzzle[J].ACM SIGMOBILE Mobile Computing and Communications Review,2011,15(3):45-46.
[7] HUANG Y B,HUANG Y C,YU B.Design of BLE Key Agree- ment Scheme Based on Hash Chain[J].Journal of System Simulation,2016,28(6):1412-1418.(in Chinese)黄艺波,黄一才,郁滨.基于哈希链的BLE密钥协商方案设计[J].系统仿真学报,2016,28(6):1412-1418.
[8] SKOROBOGATOV S.Flash memory ‘bumping’ attacks[C]∥ Cryptographic Hardware and Embedded Systems,CHES 2010.2010:158-172.
[9] MARCHAND C,BOSSUET L,MUREDDU U,et al.Implementation and characterization of a physical unclonable function for IoT:a case study with the TERO-PUF[J].IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2017,37(1):97-109.
[10] ZHANG X H,HUANG Y C,YU B.BLE Key Agreement Scheme Based on RSSI Variation Trend[J].Journal of System Simulation,2017,29(4):873-879.(in Chinese)张星昊,黄一才,郁滨.基于RSSI变化趋势的BLE密钥协商方案[J].系统仿真学报,2017,29(4):873-879.
[11] PAPPU R,RECHT B,TAYLOR J,et al.Physical one-way functions[J].Science,2002,297(5589):2026-2030.
[12] ZHANG Z N,GUO Y B.Survery of physical unclonable function[J].Journal of Computer Applications,2012,32(11):3115-3120.(in Chinese)张紫楠,郭渊博.物理不可克隆函数综述[J].计算机应用,2012,32(11):3115-3120.
[13] NGUYEN P H,SAHOO D P.An Efficient and Scalable Mode- ling Attack on Lightweight Secure Physically Unclonable Function[J].IACR Cryptology ePrint Archive,2016,2016:428.
[14] AMAN M N,CHUA K C,SIKDAR B.Position Paper:Physical Unclonable Functions for IoT Security[C]//Proceedings of the 2nd ACM International Workshop on IoT Privacy,Trust,and Security.Xi’an,China,2016:10-13.
[15] MUTTI S,BACIS E,and PARABOSCHI S.Sesqlite:Security enhanced sqlite:Mandatory access control for android databases[C]//Proceedings of the 31st Annual Computer Security Applications Conference.Los Angeles,USA,2015:411-420.
[16] 王亚弟,束妮娜,韩继红,等.密码协议形式化分析[M].北京:机械工业出版设,2006:126-139.
[17] DIALLO A S,AL-KHATEEB W F M,OLANREWAJU R F,et al.A Secure Authentication Scheme for Bluetooth Connection[C]//International Conference on Computer and Communication Engineering.IEEE Press,2015:60-63.
[18] LALIS J T,GERARDO B D,BYUN Y.Securing Bluetooth Communication with Hybrid Pairing Protocol[J].International Journal of Security & Its Applications,2014,8(4):219-228.
[2] Bluetooth SIG.Specification of the Bluetooth system:core pac- kage version 4.0[EB/OL].http://www.bluetooth.org,2009.
[3] PHAN R C W,MINGARD P.Analyzing the secure simple pairing in Bluetooth v4.0[J].Wireless Personal Communications,2012,64(4):719-737.
[4] BARNICKEL J,WANG J,MEYER U.Implementing an attack on bluetooth 2.1+ secure simple pairing in passkey entry mode[C]//IEEE International Conference on Trust,Security and Privacy in Computing and Communications.Liverpool:IEEE Press,2012:17-24.
[5] HAATAJA K,TOIVANEN P.Two practical man-in-the-middle attacks on bluetooth secure simple pairing and countermeasures[J].IEEE Transactions on Wireless Communications,2010,9(1):384-392.
[6] PERREY H,UGUS O,WESTHOFF D.WiSec’2011 poster:security enhancement for bluetooth low energy with Merkle’s puzzle[J].ACM SIGMOBILE Mobile Computing and Communications Review,2011,15(3):45-46.
[7] HUANG Y B,HUANG Y C,YU B.Design of BLE Key Agree- ment Scheme Based on Hash Chain[J].Journal of System Simulation,2016,28(6):1412-1418.(in Chinese)黄艺波,黄一才,郁滨.基于哈希链的BLE密钥协商方案设计[J].系统仿真学报,2016,28(6):1412-1418.
[8] SKOROBOGATOV S.Flash memory ‘bumping’ attacks[C]∥ Cryptographic Hardware and Embedded Systems,CHES 2010.2010:158-172.
[9] MARCHAND C,BOSSUET L,MUREDDU U,et al.Implementation and characterization of a physical unclonable function for IoT:a case study with the TERO-PUF[J].IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,2017,37(1):97-109.
[10] ZHANG X H,HUANG Y C,YU B.BLE Key Agreement Scheme Based on RSSI Variation Trend[J].Journal of System Simulation,2017,29(4):873-879.(in Chinese)张星昊,黄一才,郁滨.基于RSSI变化趋势的BLE密钥协商方案[J].系统仿真学报,2017,29(4):873-879.
[11] PAPPU R,RECHT B,TAYLOR J,et al.Physical one-way functions[J].Science,2002,297(5589):2026-2030.
[12] ZHANG Z N,GUO Y B.Survery of physical unclonable function[J].Journal of Computer Applications,2012,32(11):3115-3120.(in Chinese)张紫楠,郭渊博.物理不可克隆函数综述[J].计算机应用,2012,32(11):3115-3120.
[13] NGUYEN P H,SAHOO D P.An Efficient and Scalable Mode- ling Attack on Lightweight Secure Physically Unclonable Function[J].IACR Cryptology ePrint Archive,2016,2016:428.
[14] AMAN M N,CHUA K C,SIKDAR B.Position Paper:Physical Unclonable Functions for IoT Security[C]//Proceedings of the 2nd ACM International Workshop on IoT Privacy,Trust,and Security.Xi’an,China,2016:10-13.
[15] MUTTI S,BACIS E,and PARABOSCHI S.Sesqlite:Security enhanced sqlite:Mandatory access control for android databases[C]//Proceedings of the 31st Annual Computer Security Applications Conference.Los Angeles,USA,2015:411-420.
[16] 王亚弟,束妮娜,韩继红,等.密码协议形式化分析[M].北京:机械工业出版设,2006:126-139.
[17] DIALLO A S,AL-KHATEEB W F M,OLANREWAJU R F,et al.A Secure Authentication Scheme for Bluetooth Connection[C]//International Conference on Computer and Communication Engineering.IEEE Press,2015:60-63.
[18] LALIS J T,GERARDO B D,BYUN Y.Securing Bluetooth Communication with Hybrid Pairing Protocol[J].International Journal of Security & Its Applications,2014,8(4):219-228.