Improving the Privacy-Preserving of Covid-19 Bluetooth-Based Contact Tracing Applications Against Tracking Attacks

Bluetooth is an essential wireless standard for short-distance and low-power wireless networks. Health departments’ contact-tracing applications depended on Bluetooth technology to prevent infectious diseases from spreading, especially COVID-19. The security threats of the Bluetooth-based contact-tracing applications increased because an adversary can use them as surveillance tools that violate the user’s privacy and revealpersonal information. The Bluetooth standard mainly depends on the device address in its authenticated pairing mechanism (Secure Simple Pairing), which can collect with off-the-shelf hardware and software and leads to a tracking attack. To avoid the risk of tracking based on this security vulnerability in the Bluetooth protocol, we suggest a novel authentication protocol based on a noninteractive zero-knowledge scheme to substitute the authentication protocol used in the Bluetooth standard. The new protocol can replace the authentication protocol in the Bluetooth stack without any modification in the device pairing flow. Finally, we prove the security of our proposed scheme against the man-in-themiddle attack and tracking attack. A performance comparison with the authentication algorithm in the BLE standard shows that our method mitigates the tracking attack with low communication messages. Our results help enhance the contact-tracing application’s security in which Bluetooth access is available.

On Secure Simple Pairing in Bluetooth Standard v5.0-Part II: Privacy Analysis and Enhancement for Low Energy

Bluetooth low energy devices are very popular in wireless personal area networks. According to the Bluetooth standard specifications, the low energy secure simple pairing (LESSP) protocol is the process by which the pairing devices negotiate the authenticated secret key. To violate the user privacy, the adversary can perhaps link the runs of the LESSP protocol to the targeted device, which usually relates to the specially appointed user. Hence, we investigate deep into the privacy of the LESSP protocol. Our main contributions are threefold: (1) We demonstrate that the LESSP protocol suffers from privacy vulnerability. That is, an adversary without any secret key is able to identify the targeted device by the LESSP protocol. (2) An improvement is therefore proposed to repair the privacy vulnerability in the LESSP protocol. (3) We develop a formal privacy model to evaluate the privacy vulnerabilities in the LESSP protocol and its improved versions. We further prove that our improvement on the LESSP protocol is private under the privacy model. In addition, the performance evaluation shows that our improvement is as efficient as the LESSP protocol. Our research results are beneficial to the privacy enhancement of Bluetooth systems in wireless personal area networks.

On Secure Simple Pairing in Bluetooth Standard v5.0-Part I: Authenticated Link Key Security and Its Home Automation and Entertainment Applications

Bluetooth is an important technical standard for short-range and low-power wireless communication. The home automation and entertainment (HAE) systems often make use of Bluetooth technology to link different Bluetooth devices and form Bluetooth networks. The security concerns of the HAE systems are raised due to massive deployment of the Bluetooth devices. The Bluetooth standard mainly depends on the secure simple pairing (SSP) solution to protect the Bluetooth devices. Hence, we investigate the SSP solution according to the Bluetooth standard v5.0. The contributions are threefold. (1) A formal security model is proposed to evaluate SSP’s association models and authenticated link key. (2) We formally analyze two SSP protocols and present the security requirements for basic cryptographic modules in these SSP protocols. (3) We discuss the typical SSP applications in the HAE systems. Our results are useful to not only evaluating and designing the SSP protocols but also enhancing the security of the HAE systems in which the Bluetooth access is available.