Last updated: 2023-12-18 (Mon) 15:58:13 (128d)

Secure Simple Pairing

Bluetooth 2.1 and later

Bluetooth/Specification

Overview

  • The primary goal of Secure Simple Pairing is to simplify the pairing procedure for the user. Secondary goals are to maintain or improve the security in Bluetooth wireless technology.
  • Since high levels of security and ease-of-use are often at opposite ends of the spectrum in many technologies and products, much care has been taken to maximize security while minimizing complexity from the end user's point of view.

Phases

Phase 1

  • Public key exchange
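    • Each device generates its own ECDH key pair
    • The public keys are exchanged
    • Each device computes the DHKey
      • If both devices support Secure Connections, the P-256 elliptic curve is used
      • Otherwise P-192?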

Phase 2

  • Authentication stage 1

Phase 3

  • Authentication stage 2

Phase 4

  • Link key calculation

Phase 5

  • LMP Authentication and Encryption

Terminology

  • eavesdropping: covert interception of communications (盗聴)

Goals

  • Secure Simple Pairing has two security goals:
    • protection against passive eavesdropping and
    • protection against man-in-the-middle (MITM) attacks (active eavesdropping).
  • It is a goal of Secure Simple Pairing to exceed the maximum security level provided by the use of a 16 alphanumeric PIN with the pairing algorithm used in Bluetooth Core Specification version 2.0 + EDR and earlier versions.
  • Note that many Bluetooth devices compliant with Bluetooth Core Specification 2.0 + EDR and earlier versions use a 4-digit PIN or a fixed PIN of commonly known values significantly limiting the security on the link.

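Countermeasures

Passive eavesdropping

  • Elliptic curve cryptography makes decryption difficult
  • The entropy is comparable to the 95 bits of a 16-character PIN

Active eavesdropping (MITM)

  • User-assisted: 6 digits
    • Numeric Comparison
    • Passkey Entry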

Association models

  • The association model that is used is determined by the IO capabilities of the two devices

Numeric Comparison

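  • The user compares the "6-digit authentication code" displayed on each device and confirms that they match
  • For devices with a display, such as smartphones
  • Purpose
    • Confirms that the correct device is being connected
    • MITM prevention
  • (Unlike a PIN) knowing the displayed number does not help with decryption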

Just Works

  • No authentication
  • Used with devices that can neither take input nor display output, such as headphones and mice
  • The Just Works association model uses the Numeric Comparison protocol but the user is never shown a number and the application may simply ask the user to accept the connection (exact implementation is up to the end product manufacturer).
  • Does not prevent MITM
  • More secure than a 4-digit PIN (because it prevents passive eavesdropping)

Out Of Band (OOB)

  • BD_ADDR and cryptographic information are exchanged
  • The OOB mechanism may be implemented as either read only or read/write.
  • If one side is read only, a one-way authentication is performed.
  • If both sides are read/write, a two-way authentication is performed.
  • The OOB protocol is selected only when the pairing process has been activated by previous OOB exchange of information and one (or both) of the device(s) gives OOB as the IO capabilities.
  • The protocol uses the information which has been exchanged and simply asks the user to confirm connection.
  • The OOB association model does not support a solution where the user has activated a Bluetooth connection and would like to use OOB for authentication only.

Passkey Entry

  • The "passkey" displayed on one device is entered on the other device to authenticate
  • Keyboards, etc.

Commands

References

Related