• KIPS Transactions on Computer and Communication Systems
• /
• v.5 no.12
• /
• pp.481-490
• /
• 2016

Bluetooth utilizes a symmetric key that is exchanged at the first pairing to establish a secure channel. There are four authentication modes which enables device authentication, Just work, Passkey Entry, Out of Band, and Numeric Comparison. Up to now, Just work has been considered as the authentication mode that is vulnerable to Man-In-The-Middle (MITM) Attack. In addition, it is possible to intentionally change any authentication mode to Just work mode, in order to succeed in MITM Attack under Just work mode. However, this kind of attacks have just worked under the assumption that users should not notice that authentication mode was changed. In this paper, We analyze the specification of Secure Simple Pairing, LE Legacy Pairing and LE Secure Connection Pairing. When using Passkey Entry mode on each approach, it seems the MITM attack is possible. Also it offers Passkey Entry MITM attack that does not require assumptions about the user's fault, because it isn't change verification process of the authentication mode unlike traditional attacks. We implement the proposed MITM attacks. Also we presents a scenario in which an attack can be exploited and a countermeasure.

• International Journal of Computer Science & Network Security
• /
• v.21 no.3
• /
• pp.60-70
• /
• 2021

In this paper we study the problem of implementation of security issues of blue tooth, especially secure simple pairing, with the help of an efficient four user authenticated key (4UAK) for an elliptic curve cryptography (ECC). This paper also deals with the design, implement and performance evaluation of secure simple pairing (SSP) using an elliptic curve cryptography, such as Diffie Hellman protocol when four users are involved. Here, we also compute the best, worst and average case step counts (time complexities). This work puts forth an efficient way of providing security in blue tooth. The time complexity of O(n⁴) is achieved using Rabin Miller Primality methodology. The method also reduces the calculation price and light communication loads.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.5
• /
• pp.793-801
• /
• 2022

Most Bluetooth devices are commonly used in various ways these days, but they can be often lost due to small-size devices. However, most Bluetooth protocol do not provide authentication functions to legitimate owners, and thus someone who obtains the lost Bluetooth device can easily connect to their smart devices to use it. In this paper, we propose NBAS can authenticates legitimate owners using NFT on lossy Bluetooth devices.NBAS generates a digital wallet on the blockchain using the decentralized network Ethereum blockchain and facilitating the MAC address of the Bluetooth device in the digital wallet. The owner of the wallet uses a private key to certify the Bluetooth device using NFT. The initial pairing time of NBAS was 10.25 sec, but the reconnection time was 0.007 sec similar to the conventional method, and the pairing rejection time for unapproved users was 1.58 sec on average. Therefore, the proposed NBAS effectively shows the device authentication over the conventional Bluetooth.

• Journal of Internet of Things and Convergence
• /
• v.2 no.2
• /
• pp.21-26
• /
• 2016

In this paper, it is possible to update the tourist information in real time, on/off-line tour proposes a solution(BBTS) based on a bluetooth beacon can provide tourist information without the need for wireless data network. BBTS consists of a bluetooth based data of the low-power supply system and the beacons and interoperable smart applications. Data supply system consists of the BLE & Beacon Pairing-based / non-pairing data transmission module with integral hardware. Smart application modules that provide indoor location of users information, internal server module and tourist information collection and information guide around comprised of applications. The proposed BBTS is possible that indoor service tourism tourist demand due to utilizing the beacon technology. Outdoor tourist information is designed to be downloaded to the smartphone receives the information received from the beacon APK file to provide services. BBTS system is expected to make a big impact on the smart tourism services industry.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.736-737
• /
• 2012

블루투스(Bluetooth)는 일반적으로 10m 안팍의 휴대폰, 노트북 등의 휴대기기를 서로 연결해 정보를 교환하는 근거리 무선 기술 표준이다. 이 표준 기술은 이어폰이나 기기간의 페어링을 통하여 정보를 공유하기위한 단일 서비스 제품으로 자주 사용되기도 하며, 스마프폰에서는 이 표준 기술을 제어하여 명함이나 개인의 사진, 동영상 그리고 문서파일등을 공유하기 위한 방식으로 활용되기도 한다. 하지만 가장 큰 문제는 Bluetooth 를 응용하여 기기간의 페어링을 진행하는 절차가 일반적 사용자에게는 너무 복잡하고, 기술적인 처리 방식을 요구함으로써 대중화된 서비스를 지원하기에는 부족한 점이 많다. 따라서, 본 논문에서는 Bluetooth 환경하에서 사용자에게 직접적인 파일 전송을 지원하기 위해 서비스 서버에서 각 단말의 정보를 통합 수신하고, 이를 각 단말에 전달하여 각 단말이 자동적으로 Bluetooth 연결을 구성하고 서비스는 이를 활용하여 Direct 하게 파일을 송수신하는 간결화된 근거리 기반의 통신 연결 서비스 구성 방식을 제안하고 이를 증명하고자 한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.873-875
• /
• 2014

In this paper, we propose the access control system based bluetooth using the MAC address of the smart device. Access control system that propose compares the smart device MAC address entry and exit and MAC address that is registered with the server. Depending on whether the match was compared, access control is performed. Result of the experiment, control of door is possible only by bluetooth pairing of the bluetooth module and smart device. Therefore, it does not require access to another tool.In addition, Action for access approval is omitted. Therefore, the access authorization procedure is simplified compared to existing access control systems, it is possible to improve the convenience.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.961-964
• /
• 2012

NFC(Near Field Communication)는 10cm 이내의 거리에서 무선기기 간의 통신을 가능케 해주는 기술로 13.56 Mhz RF(Radio Frequency) 주파수 대역을 이용한 비접촉식 근거리 무선통신의 한 종류이다. 올해 출시되는 대부분의 스마트 폰에서 NFC 기능을 탑재하며, NFC기반의 모바일 결제 서비스가 가장 유망한 결제 방식으로 주목 받고 있다. 소비자는 NFC 모바일 단말기를 가지고 판매자의 POS(Point of Sale) 단말기와 근접 통신을 통해 결제를 진행하는 방식으로 다른 무선 통신 방식 (RFID, Bluetooth 등)보다 보안 취약성이 높지 않지만, 기존의 RFID 환경에서 일어날 수 있는 기술적 취약점과 비슷한 유형의 위협이 충분히 발생할 수 있으므로 유효한 보안 기술이 필요하다. 본 논문은 안전한 NFC 모바일 결제 환경을 구축하기 위한 공개키 알고리즘인 타원곡선 암호ECC(Elliptic Curve Cryptosystem)를 적용한 Bilinear Pairing을 활용해서 효율적이고 보안성도 강력한 인증 메커니즘을 제안한다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.7
• /
• pp.1262-1268
• /
• 2016

Bluetooth has been developed to be applied over the course of several versions in different environments. Especially low is moving to address the constraints, it gives a high utilization rate is faster than the Zigbee wireless LAN communication. To gather information on children's environmental copper transition to multiple versions. There is one limitation of Bluetooth requirements to effectively apply the information collected by Bluetooth. At the same time need to collect several information actions, Bluetooth can not connect to one of only seven Slave Master. In this paper, in order to take advantage of the many benefits of Bluetooth to gather the information by operating the Bluetooth operates in Beacon deliver packets of 168 bits, and the pairing between the master and slave unnecessarily generate a regular signal a large number of connections simultaneously Information We consider how to apply the effective policy that can be collected.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.410-411
• /
• 2018

In this paper, In this paper, Smart OBD2 terminal collects OBD2 Data on the vehicle. And it passes through this with SmartPhone Bluetooth. OBD2 system is the system to use a variety of Service using it in SmartPhone. Utilizing NFC to help ordinary people, it can easily use to configure the Bluetooth Pairing. By using the Bluetooth 4.0, it is maximized compatibility of Bluetooth. Furthermore OBD2 terminal is a system to minimize the standby power of the terminal to prevent the discharge of the vehicle up issues. Anyone can develop an OBD2 connection App by providing the interfaces to make DB to develop and understand ODB2 data.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2018.07a
• /
• pp.470-473
• /
• 2018

본 논문에서는 스마트폰과 스마트폰이 블루투스로 연결할 때 페어링 진행을 최초 1회만 하는 것에 대한 위험성에 관하여 연구하였다. 본 연구를 통하여 구현한 트로이목마 어플리케이션은 희생자 스마트폰과 페어링이 되어 있을 경우, 실행과 동시에 공격자의 스마트폰과 블루투스로 연결되도록 하였다. 희생자 스마트폰의 어플리케이션은 스마트폰의 카메라를 작동시켜 사진을 촬영하고 스마트폰에 저장된 주소록 데이터를 추출하며, 촬영한 사진과 추출한 주소록 데이터를 공격자의 스마트폰으로 전송한다. 공격자는 희생자의 스마트폰에서 탈취한 정보를 확인할 수 있다.