Research of BLE 4.1 technology using Ubertooth One
Authors: Semenov E.S., Trofimov A.I., Okunev V.G.
Journal: НБИ технологии @nbi-technologies
Section: Information technologies in security and telecommunications
Article in issue: No. 1, vol. 18, 2024.
Free access
Bluetooth technology, widely used in devices like smartphones, headphones, and speakers, raises significant security concerns due to its prevalence. This study delves into Bluetooth Low Energy (BLE), an enhanced version of Bluetooth 4.0 designed for low-power devices. BLE operates at 2.400-2.4835 GHz, utilizing 40 channels but detecting traffic on only three. It employs AES-CCM encryption with a 128-bit key length for security. The research utilizes the Ubertooth One device, an open-source wireless development platform at 2.4 GHz suitable for Bluetooth experiments. Ubertooth One features an ARM Cortex-M3 microcontroller, 1 MHz bandwidth, and 1 mW transmitter power. The study involves traffic analysis using Wireshark, a tool supporting various network protocols and offering traffic sorting and filtering capabilities. To capture BLE traffic, a software channel is created with Wireshark using the ubertooth-btle command. Subsequently, Crackle software is employed to decrypt data by exploiting vulnerabilities in BLE pairing processes in versions 4.0-4.1. Crackle can derive temporary, short-term, and long-term keys from captured traffic to decrypt subsequent encrypted packets. The vulnerability exploited by Crackle is absent in BLE version 4.2 onwards due to the Secure Connection mode implementation. The experiment successfully captured BLE traffic, analyzed packet structures in Wireshark, and decrypted packets using Crackle, showcasing the importance of addressing security vulnerabilities in Bluetooth technologies. This study underscores the critical need for robust security measures in Bluetooth technologies to safeguard data integrity and confidentiality amidst the growing adoption of wireless communication devices.
Bluetooth, bluetooth low energy, ble, ubertooth one, wireshark, crackle
Short URL: https://sciup.org/149145447
IDR: 149145447 | DOI: 10.15688/NBIT.jvolsu.2024.1.6