Computer Science, 2019, Vol. 46, Issue (4): 151-157. doi: 10.11896/j.issn.1002-137X.2019.04.024

• Information Security •

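Bluetooth Key Agreement Scheme with Zero Secret Storage in Slave Device

LI Sen-sen, HUANG Yi-cai, YU Bin

  1. Information Engineering University, Zhengzhou 450001, China
  • Received: 2018-02-17 Online: 2019-04-15 Published: 2019-04-23
  • Corresponding author: HUANG Yi-cai (born 1985), male, master's degree, lecturer; main research interests: Bluetooth and information security. E-mail: huangyicai3698@163.com (corresponding author)
  • About the authors: LI Sen-sen (born 1993), male, master's degree; main research interests: Bluetooth and information security. E-mail: lss589@163.com. YU Bin (born 1964), male, professor, doctoral supervisor; main research interests: information security, wireless communication security and visual cryptography.
  • Funding:
    This work was supported by the Open Fund of the Key Laboratory of National Defense Information Assurance Technology (KJ-15-104).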

Abstract: Existing Bluetooth pairing protocols are difficult to defend against man-in-the-middle attacks and replication attacks. To address this problem, a Bluetooth key agreement scheme with zero secret storage in the slave device is proposed. Using Physical Unclonable Functions (PUF), the scheme achieves mutual authentication and link key agreement between the master device and the slave device through a "three-way handshake", without the slave device storing any secret parameters. Theoretical analysis and experimental results show that the proposed scheme not only offers high security but also has low communication, computation and storage overhead.

Key words: Bluetooth, Key agreement, Man-in-the-middle attack, PUF, Replication attack

CLC Number:

  • TP309