
Can someone suggest whether it is possible in BLE communication to authenticate the central from the peripheral before the connection is established?

Example:

  1. Peripheral advertises continuously.
  2. Central discovers the peripheral and sends a connection request.
  3. Connection is established and advertising stops.
  4. Peripheral authenticates the central via AES or pairing etc.
  5. If authentication is successful, transfer data.

Either way, once this malicious central has connected to the peripheral, the genuine central will not be able to, as each peripheral. If I have understood properly, the peripheral cannot end a connection or start a connection, and peripherals do not allow simultaneous connections.

How can I solve this problem? Even if some way of terminating the connection from the peripheral is made possible, the malicious central will keep reconnecting, hence essentially performing a denial of service (DoS) attack.

Thank You!

Sam Protsenko
Aakash Thakkar
  • I think the link below will help you: https://stackoverflow.com/questions/43567569/how-to-ask-for-authentication-before-connect-to-devices-using-bluetooth/45032813#45032813 Regards, Bharath GK – Bharath G K Jul 11 '17 at 11:16

2 Answers


You have the sequence slightly wrong. It should be:

  1. Peripheral advertises
  2. Central discovers peripheral and attempts to connect
  3. PIN is requested if central is not already paired
  4. Connection completes if pairing is successful. If not return to state 1
  5. If connection is successful advertising stops and data can be transferred.

So, the security is based on the PIN being kept a secret. If the PIN is well-known (i.e. defaults to 0000) or can be easily discovered (printed/displayed on the device and physical access is possible) then security is compromised.

In theory a DoS attack is also possible by making repeated connection attempts, but this does still leave an opportunity for the legitimate central to connect.

Paulw11
  • Hello, thank you for the answer, that makes sense. Can you guide me how to do that on iOS? The HM10 module has no PIN enable or disable option. It only has a PIN set option with default PIN 0000000. So the PIN must always be enabled. Hence technically iOS should be asking for that PIN while connecting to the peripheral, right? I have checked the CBCentralManager methods and it does not mention PIN anywhere; is it handled by iOS showing a pop-up to the user like in pairing? Thank you! – Aakash Thakkar Mar 03 '15 at 03:05
  • iOS will request a PIN/pairing when an attempt is made to read/write an attribute that is flagged "encryption required". I suspect that the HM10 does not support this. If you have a requirement where a potential DOS is an issue you may need to use a different module. – Paulw11 Mar 03 '15 at 03:09
  • Yes, but before read/write, the peripheral would have to be successfully connected to the central, if I am not mistaken? – Aakash Thakkar Mar 03 '15 at 05:20
  • Correct - as I pointed out in my answer there is still a potential for DOS by the "attacking" device connecting and just waiting at the "pair" screen, thereby blocking other connection attempts. – Paulw11 Mar 03 '15 at 05:26
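The point made above and in the question, that the link layer accepts any central and authentication can only gate what happens after connection, can be modelled as a small peripheral state machine. The following is an added example, not code from the question, the answers or the HM-10 firmware: the peripheral accepts a connection, issues a random challenge, and releases data only to a central that returns a correct keyed response before a deadline; a central that connects and idles (the attacker sitting at the pair screen) is dropped when the deadline expires, advertising resumes, and another central gets its window. The shared key, the tick-based deadline, the central identifiers and the `sensor-data` payload are constructed for the simulation; HMAC-SHA256 stands in for the AES-CMAC a firmware implementation would more likely use, because Python's standard library has no AES.

```python
"""Added example: application-layer authentication gate on a BLE peripheral,
modelled in pure Python. Not part of the original question or answers."""
import enum
import hashlib
import hmac
import os

# Assumed policy: how many ticks a connected central may remain unauthenticated.
AUTH_DEADLINE_TICKS = 3


class State(enum.Enum):
    ADVERTISING = "advertising"        # accepting a connection from any central
    AWAITING_AUTH = "awaiting_auth"    # connected, challenge issued, no data yet
    AUTHENTICATED = "authenticated"    # challenge answered, data released


class Peripheral:
    def __init__(self, shared_key: bytes, deadline: int = AUTH_DEADLINE_TICKS):
        self.key = shared_key
        self.deadline = deadline
        self.state = State.ADVERTISING
        self.connected = None      # id of the central holding the link
        self.challenge = None      # fresh random nonce per connection
        self.ticks = 0
        self.log = []              # (central, reason) for every disconnect

    def connect(self, central_id: str) -> bool:
        # Link layer: a single connection at a time; advertising stops once connected.
        if self.state != State.ADVERTISING:
            return False
        self.state = State.AWAITING_AUTH
        self.connected = central_id
        self.challenge = os.urandom(16)
        self.ticks = 0
        return True

    def respond(self, central_id: str, response: bytes) -> bool:
        # Only the connected central, and only while a challenge is outstanding.
        if self.state != State.AWAITING_AUTH or central_id != self.connected:
            return False
        expected = hmac.new(self.key, self.challenge, hashlib.sha256).digest()
        if hmac.compare_digest(expected, response):   # constant-time compare
            self.state = State.AUTHENTICATED
            return True
        self.disconnect("bad response")
        return False

    def read_data(self, central_id: str):
        # Data is released only on an authenticated link.
        if self.state == State.AUTHENTICATED and central_id == self.connected:
            return b"sensor-data"
        return None

    def tick(self) -> None:
        # Drop a central that connected but never answered the challenge.
        if self.state == State.AWAITING_AUTH:
            self.ticks += 1
            if self.ticks >= self.deadline:
                self.disconnect("auth timeout")

    def disconnect(self, reason: str) -> None:
        self.log.append((self.connected, reason))
        self.state = State.ADVERTISING     # resume advertising immediately
        self.connected = None
        self.challenge = None


def central_answer(shared_key: bytes, challenge: bytes) -> bytes:
    """What a genuine central computes from the challenge it was sent."""
    return hmac.new(shared_key, challenge, hashlib.sha256).digest()


def simulate() -> dict:
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # constructed shared key
    p = Peripheral(key)
    results = {}
    results["mallory_connects"] = p.connect("mallory")   # idle attacker grabs the link
    results["alice_blocked"] = not p.connect("alice")     # genuine central cannot connect
    for _ in range(AUTH_DEADLINE_TICKS):
        p.tick()                                          # deadline expires, mallory dropped
    results["alice_connects"] = p.connect("alice")
    results["alice_auth"] = p.respond("alice", central_answer(key, p.challenge))
    results["alice_data"] = p.read_data("alice")
    p.disconnect("done")
    p.connect("eve")                                      # wrong key gets disconnected
    results["eve_auth"] = p.respond("eve", central_answer(b"wrong-key", p.challenge))
    results["eve_data"] = p.read_data("eve")
    results["log"] = list(p.log)
    return results


if __name__ == "__main__":
    for k, v in simulate().items():
        print(k, v)
```

The deadline only bounds how long one unauthenticated central can hold the link; an attacker that reconnects the instant it is dropped still races the genuine central for the next window, which is the residual DoS the answer describes.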

Okay, this is a little late, but anyway: from v515 upwards you can use the AT+TYPEx command to change the authentication behaviour.

x can be, according to the docs:

  • 0:Not need PIN Code (default)
  • 1:Auth not need PIN
  • 2:Auth with PIN
  • 3:Auth and bond
hoiberg