Digital signing for short-message broadcasted traffic in BLE marketing channel

Jarogniew Rykowski, Mateusz Nomańczuk

Abstract

As long as Bluetooth Low Energy (BLE) was mainly applied for broadcasting marketing information, the problem of trust in this transmission was treated as marginal. However, once the marketing channel was applied to such applications as geolocation by means of BLE beacons and e-payments, the problem of proper identification and authentication of the broadcasting device, as well as of the time and place of interaction, became acute. This problem cannot be solved by means of traditional mechanisms such as symmetric and asymmetric cryptography, for several reasons. First, symmetric cryptography needs redistribution of an encryption key, common to all the network nodes or at least known to the network's central authentication point, and kept secret for the lifetime of the nodes. Keeping such multi-copied and long-lasting information secret is very problematic. Second, messages broadcast in the BLE marketing channel are restricted in length and format, making it practically impossible to use the longer encryption keys widely assumed to be safe. Third, BLE devices are usually very restricted in memory and processing power, so a classical implementation of PKI encryption algorithms is very problematic. Fourth, there is no way to apply the usual two-directional interaction to exchange some data to be encrypted, e.g., to prove directly the fact of interaction between two devices. And last but not least, time representation in small autonomous devices is quite weak, so the hardware must be extended with additional verification mechanisms and specialized hardware modules. In the paper we present a practical approach to an efficient representation of a testbed for trusted geolocation beacons broadcasting in the BLE marketing channel. The encryption is based on an external co-processor and elliptic-curve algorithms, which made it possible to apply shorter keys and use minimum resources of the beacon (memory, processor, energy).
To prevent attacks of the "recording" type in man-in-the-middle mode (reusing broadcast information obtained in one place at another place/time), the broadcast messages include time stamps generated by attached RTC units. The idea may be applied to other types of IoT and sensor networks to improve trust in and verification of broadcast messages.
Authors: Jarogniew Rykowski (WIiGE / KTI, Department of Information Technology), Mateusz Nomańczuk
Pages: 167-173
Publication size in sheets: 0.5
Book: Ganzha Maria, Maciaszek Leszek, Paprzycki Marcin (eds.): Position Papers of the 2016 Federated Conference on Computer Science and Information Systems, Annals of Computer Science and Information Systems, vol. 9, 2016, PTI, IEEE, ISBN 978-83-60810-93-4, [978-83-60810-94-1], 334 p., DOI: 10.15439/978-83-60810-93-4
Keywords in English: bluetooth, bluetooth low energy, beacons, cryptography
DOI: 10.15439/2016F580
URL: https://annals-csis.org/Volume_9/drp/580.html
Language: en (English)
Score (nominal): 0