| Since of the launch of Bluetooth technology in 1998, it develops rapidly in the area of mobile products, medical products and home appliances products with the characteristics of small size, low power consumption, ynchronous transmission of voice and data and universal. However, with the expansive scope of its application, the security issues of Bluetooth have been exposed. The technology of Bluetooth can't satisfy the requirement in high security occasion, such the banking system and the payment system. The issues of security has become a bottleneck restricting the development of Bluetooth technology. Thus, the study of improving the Bluetooth's security is of great significance.This thesis analyzes the role of the Bluetooth protocol and the protocols of the protocol stack, as well as the HCI instruction specification of the hardware and software modules in the Bluetooth system. Researching on the current security mechanism of Bluetooth system, including the security framework, the three security modes, and link-level security measures.Through the analysis of the Bluetooth protocol, we find that there are many insecurity factors existing in the current Bluetooth protocol. First, the authentication mechanism of Bluetooth system is imperfect, only to ensure the authenticity of the device entity, but were unable to verify the user's identity, leading to disguised attack; Second, because the Bluetooth system adopts wireless communication, so that the attacker can listen channel in order to intercept the transmission of sensitive information; In addition, the Bluetooth protocol allows using unit key for communication when the memory capcity is limited, which leads to the dependence of the previous behavior; It would result in paralysis of the nodes and unable to provide normal services in the condition of Denial Of Service attack since there is no limit on the number of Bluetooth device authentication.For security problem with the existing Bluetooth protocol, this thesis presents third improved scheme. Firstly, this thesis presents the user calibration system, which verifies the user's identity by setting the password. The system can effectively prevent the attacker by masquerading attacks; Secondly, a new link key generation scheme is proposed for memory-constrained devices. By using Personal Identification Number(PIN) for link key generation algorithm, it enables to encrypt each time instead of the originally determined unit key, which avoids additional burden on the memory device and prevent the unit key attack effectively; To prevent attackers access the plaintext transmitted in wireless channel information directly, a new authentication scheme is presented. The transparent authentication parameters are encrypted by AES-CBC encryption algorithm and transmitted in the wireless channel, which increases the difficulty of attacking, meanwhile, the number of authentication times is limited. The authentication process will give up if the number of authentication times is more than five, which prevents equipment paralysis caused by Denial Of Service attack effectively. Finally, the scheme proposed is implemented and tested, by the analysis of the test results, proved that the effects of three improvements on time performance can be controlled within 1 s, at the same time can effectively improve the safety performance of the Bluetooth system. |
PDF Full Text Request