Authentication protocol for internet of things devices using bluetooth low energy

VIETNAM NATIONAL UNIVERSITY HO CHI MINH CITY UNIVERSITY OF TECHNOLOGY --- NGUYEN LE PHUONG THAO AUTHENTICATION PROTOCOL FOR INTERNET OF THINGS DEVICES USING BLUETOOTH LOW ENERGY Majo

VIETNAM NATIONAL UNIVERSITY

HO CHI MINH CITY UNIVERSITY OF TECHNOLOGY

-

NGUYEN LE PHUONG THAO

AUTHENTICATION PROTOCOL FOR INTERNET OF THINGS DEVICES USING BLUETOOTH LOW ENERGY

Majors: Computer Science

ID: 60480101

MASTER THESIS

Ho Chi Minh City, January 2021

THE WORK IS DONE AT HO CHI MINH CITY UNIVERSITY OF

TECHNOLOGY – VNU – HCM

Scientific supervisor: Assoc Prof Dang Tran Khanh

The reviewer 1: Assoc Prof Tran Trung Hieu

The reviewer 2: Assoc Prof Nguyen Tuan Dang

This master thesis is defended at Ho Chi Minh City University of Technology – VNU – HCM on 22nd January 2021 The master thesis assessment committee includes: 1 Assoc Prof Tran Minh Quang

2 Dr Phan Trong Nhan

3 Assoc Prof Huynh Trung Hieu

4 Assoc Prof Nguyen Tuan Dang

5 Assoc Prof Dang Tran Khanh

Confirmation of the Chairman of the assessment committee and the Head of the specialized management department after the thesis has been corrected (if any)

ASSESSMENT COMMITTEE COMPUTER SCIENCE AND ENGINEERING

VNU –HO CHI MINH CITY

HO CHI MINH CITY UNIVERSITY

Major: Computer Science Major ID: 60480101

I THESIS TITLE: Authentication Protocol for Internet of Things Devices using Bluetooth low energy

II TASKS AND CONTENTS: Proposing an authentication protocol for Internet of

Things Devices using Bluetooth low energy, which is lightweight and secure

V SUPERVISOR: Assoc Prof Dang Tran Khanh

SUPERVISOR

(Sign and full name)

Ho Chi Minh City,…… Jan 2021

HEAD OF DEPARTMENT

(Sign and full name)

DEAN OF FACULTY OF COMPUTER SCIENCE AND ENGINEERING

(Sign and full name)

I would like to express my gratitude to my supervisor Assoc Prof Dang Tran Khanhfor the continuous support of my Master study and related research I am thankfulfor his patience, advice and all the opportunities he has given me during the last twoyears

I would like to thank my fellow master students and my co-workers at work for theirhelp, cooperation and our friendships as well, which have encouraged and got methrough certain difficult stages

Last but not least, I would like to thank my friends and my families, to my parents and

my sister for unconditionally supporting me throughout the course and life in general

Nguyen Le Phuong Thao

cover-is also a crucial part of IoTs One of the most popular standards for Device to Deviceconnection is Bluetooth Bluetooth Low Energy (BLE) is increasing in popularity,especially now many scientists are proposing it as a technique for contact tracing tocombat COVID-19 Additionally, BLE is being used in applications involving trans-ferring sensitive information such as home security systems Therefore, a secure au-thentication protocol for IoTs based on BLE framework will be necessary due to thelightweight and popularity of BLE.

In this thesis, I propose a new authentication solution for BLE with enhancedprivacy, but minimal impact on energy consumption I also provided a framework todemonstrate our protocol can be implemented on real devices, which support BLEmodules The correctness of the proposed scheme is formally proved with BAN logic.Additionally, I provided an information security analysis to prove my protocol canwithstand typical types of cyberattacks Last but not least, I measured the executiontime and power consumption when applying my protocol on the top of BLE frame-work I also attach three publicized articles regarding to my research during masterstudy

Tóm tắt luận văn

Hơn hai mươi năm đã trôi qua kể từ ngày thuật ngữ “Internet of Things” (IoTs) lần đầutiên xuất hiện, giờ đây các hệ thống IoTs đã quá quen thuộc trong cuộc sống hàng ngàycủa chúng ta Lợi ích to lớn của nó đến từ sự kết nối chặt chẽ thiết bị và hệ thốngvôcùng đa dạng về mặt chủng loại, hình dáng, kích thước cũng như chức năng Đượcxem là tương lai của Internet, sự phát triển của IoT đi kèm với các yêu cầu cấp thiết

về việc cung cấp bảo mật và quyền riêng tư khi số lượng thiết bị IoT được triển khaităng nhanh hàng năm Trong số đó, khả năng xác thực là yêu cầu quan trọng đối vớiIoT Kết nối thiết bị với thiết bị cũng là một phần thiết yếu của IoT Một trong nhữngtiêu chuẩn phổ biến nhất cho kết nối Thiết bị với Thiết bị là Bluetooth Bluetooth LowEnergy (BLE) đang ngày càng phổ biến, đặc biệt là khi hiện nay nhiều nhà khoa họcđang đề xuất nó như một kỹ thuật truy tìm liên lạc để chống lại COVID-19 Ngoài ra,BLE đang được sử dụng trong các ứng dụng liên quan đến việc chuyển thông tin nhạycảm như hệ thống an ninh gia đình Do đó, một giao thức xác thực an toàn cho IoTsdựa trên nền tảng BLE sẽ là cần thiết do tính hiệu quả và phổ biến của BLE

Trong luận văn này, tôi sẽ đề xuất một giải pháp xác thực mới cho IoTs trên nềntảng BLE với tính riêng tư được nâng cao nhưng tiêu thụ năng lượng một cách tốithiểu Tôi cũng đã cung cấp một khuôn khổ để chứng minh giao thức của chúng tôi

có thể được triển khai trên các thiết bị thực hỗ trợ các phần cứng BLE Tính đúng đắncủa giao thức đề xuất được chứng minh với logic BAN Ngoài ra, luận văn cũng cungcấp phân tích bảo mật thông tin để chứng minh giao thức được đề xuất có thể chốnglại các loại tấn công mạng điển hình Cuối cùng, tôi đã thực hiện các đo đạc cần thiết

để đảm bảo tính tiết kiệm năng lượng cuả giao thức

Declaration of authorship

I declare that the work presented herein is my own original work and has not beenpublished or submitted elsewhere for any degree programme, diploma or other qual-ifications Any literature data or work done by others and cited within this thesis hasbeen completely listed in the reference section

Nguyen Le Phuong Thao

1.1 Overview 1

1.2 Major purposes of the thesis 3

1.3 Contributions 3

1.3.1 Scientific contributions 3

1.3.2 Practical contributions 4

1.4 Research scope 4

1.5 Thesis outline 4

2 Backgrounds 6 2.1 Internet of Things overview 6

2.1.1 IoT properties 7

2.2 Public key cryptography 8

2.2.1 Public-key encryption 9

2.2.2 Public-key digital signature 10

2.3 Bluetooth Low Energy 11

2.3.1 Overview 11

2.3.2 Network topology 11

2.3.3 Security features 13

2.4 BAN-logic 15

2.4.1 BAN-logic overview 15

2.4.2 Notations 16

2.4.3 Typical protocol goals 17

2.4.4 Protocol analysis with BAN-logic 19

3 Related works 20 3.1 Criteria of Authentication schemes 20

3.2 Existing authentication frameworks 22

3.3 Previous work 23

4 Proposed scheme 26 4.1 Senario 26

4.2 Proposed protocol 27

5 System implementation and proposed framework 33 5.1 Hardware 33

5.2 Library information 33

5.3 OS information 35

5.4 Description 35

5.5 Experiment 38

6 Security analysis 41 6.1 Formal analysis 41

6.2 Informal analysis 44

6.2.1 Security Attributes 44

6.2.2 Security analysis 44

7 Performance analysis 47 7.1 Communication 47

7.2 Authentication Message Calculation 49

List of Figures

1.1 The global market of IoT devices estimations by years 2

1.2 The network architecure considered in the scope of this thesis 5

2.1 Different application domains of the Internet of Things [16] 7

2.2 Encryption/Decryption in Public-key cryptosystems 9

2.3 Using a Digital Signature to Validate Data Integrity 10

2.4 BLE network topology 13

3.1 Project things 22

3.2 Three entities authentication protocol [36] 24

4.1 Detailed proposed authentication protocol 28

4.2 Party-Crasher protocol 29

4.3 Party-Crasher protocol overview 29

4.4 Detailded proposed authentication protocol 30

4.5 Same link key in PC and PP 31

5.1 Raspberry Pi boards set up 34

5.2 Experiment model 34

5.3 Authentication stage 1 39

5.4 Authentication stage 2 40

5.5 Authentication stage 3 40

7.1 Execution time PC 50

7.2 Execution time PP 50

List of Tables

7.1 Power consumption and duration of each phase of BLE 487.2 consumption and duration of each phase of Zigbee 487.3 The energy used by two devices for their mutual authentication 49

List of acronyms

Acronym Meaning

IoT Internet of Things

D2D Device-to-Device

BLE Bluetooth Low Energy

ECC Elliptic Curve Cryptography

TLS Transport Layer Security

DTLS Data Transport Layer Security

UDP User Datagram Protocol

TCP Transmission Control Protocol

TPM Trusted Platform Module

ECDH Elliptic-curve Diffie–Hellman

ECDHP Elliptic-curve Diffie–Hellman Problem

ECDLP Elliptic Curve Discrete Logarithm Problem ECDDHP Elliptic-curve Decision Diffie–Hellman Problem

PP Party-Participant

IRK Identity Resolving Key

CSRK Connection Signature Resolving Key

API Application Programming Interface

be not the same as before In all aspects of modern life, i.e learning, traffic, healthcare, working , applying IoT technology helps to improve the quality of services andincrease satisfaction of users Its greatest benefit comes from highly heterogeneous in-terconnected devices and systems, covering every shape, size, and functionality Asshown in Figure 1.1, researcher estimated that around 75.4 billions of devices will

be connected to the Internet by 2025 [4] These objects in the IoT have capabilities

of communicating and interacting with each other to exchange their data, providingmonitoring of the environment around to enable and giving responses to changes inthe system’s environment Such capabilities are promising in totally changing humanlifestyle, making it safer, more convenient and comfortable This motivation has at-tracted and encouraged many researchers to participate in designing and inventing

novel solutions and applications for the IoT.

Figure 1.1: The global market of IoT devices estimations by years.

With this growth of IoTs, security becomes a survival problem In fact, Gartner

’s 2016 IoT Backbone Survey showed that 32% of Information Technology leaderscited security as a top barrier to IoT success [5] In order to keep the IoT the systemsafe, the authentication process between IoT devices must be well-controlled How-ever, IoTs environment also has its own constraints which make it different from othersystems: the uncontrolled environment, the heterogeneity, the need for scalability, aswell as the constrained resource [6] As a result, the authentication protocol in IoTmust be lightweight and flexible Gartner reports that 20% of organizations suffer atleast one IoT security attack in the last three years [7] Prior technology trends, e.g.,cloud computing and big data, seem to have quite similar security requirements withthe IoT Nonetheless, the IoT unique nature introduces new challenges to security re-quirements, which are much different from previous technology trends For example,big data solutions are not required to deal with an uncontrolled environment and con-strained resources, while cloud computing hardly deals with the mobility of devicesand physical accessibility of sensors [8]

The security requirements for IoT systems depend on their domains of cations They include the needs of confidentiality, integrity, and authenticity Amongthose, authenticity is the major requirement for the IoT [9], which provides the proofthat a connection is established with an authenticated entity Authentication is an im-portant factor in which each connected object’s identity is required to be verifiedbefore they can securely communicate as well as access various IoT resources Be-sides, privacy is considered to be one of the most dominant challenges in the IoT [10]

appli-Highly interconnected objects in the IoT produce a huge amount of transmitted data.These data may contain different kinds of information directly involved users’ dailylives through their devices so that IoT applications can provide corresponding ser-vices The involvement of users’ behaviors, preferences as well as private data hasraised the concern about the risk of leakage of privacy, which becomes a huge obsta-cle when putting IoT applications into use For such reasons, effective and efficientauthentication protocols to protect users’ private information are essential to providethe security of every IoT system.

Device to Device (D2D) connection is a part of IoTs One of the most popularstandards for Device to Device connection is Bluetooth To adapt with the expansion

of IoTs, The Bluetooth Special Interest Group (SIG) introduced Bluetooth Low ergy (also called Bluetooth Smart or BLE) BLE started as part of the Bluetooth 4.0Core Specification IoT applications can rely on BLE for local connection betweensmart phones and resource constrained peripherals since this standard is designed to

En-be low cost, robust and especially energy-efficient In 2016, Bluetooth SIG releasesBluetooth 5.0 with 4x range, 2x speed and 8x broadcasting message capacity compar-ing with Bluetooth 4.0 [11] The enhancements of Bluetooth 5.0 aim to increase thefunctionality of Bluetooth for the IoTs, hence, it can be used in smart home automa-tion, enterprise, and industrial markets

1.3.2 Practical contributions

• This research contributes a new authentication solution that can be used for powered devices, which only need to have BLE hardware, with limited compu-tational capabilities, especially in the IoT environment

low-• The research also raises and addresses not only the security but also the privacyaspects of devices in the IoT

In fact, IoT has a very large context that includes many different kinds of systems.Therefore, in the scope of this thesis, I mainly focus on the devices which supportsBLE features So from now on anytime a device mentioned in this thesis, should haveBLE by default The research also only focuses on one of the most essential of IoTs

is D2D authentication as described in Figure 1.2 I will use a party as the scenario,hence, the proposed protocol can be called Party-Crasher protocol The objects in thisprotocol are generalized into only three entities:

• Device 1 or Party Crasher: The device wants to join the group or the party.

• Device 2 or Party Owner: The device acting as Party owner, who know all party

participants and be trusted by them This device can directly communicate withall participant devices and with trusted by them

• Group of Devices 3 or Party Participant: These devices can give their individualjudgment for the uninvited guest The judgment can be not the same in differentparty

The advantages of this model are all the computations handled by different vices, so no device gets overloaded and consumes just few energy

The rest of the thesis is organized as follows:

Figure 1.2: The network architecure considered in the scope of this thesis.

• Chapter 2 provides the backgrounds including a thorough study about the IoT

and the cryptographic materials that will be used in later chapters

• Chapter 3 outlines some related works that have been presented in the same

field of authentication solutions

• Chapter 4 is where I propose the authentication protocol to be used for the IoT

devices which support BLE

• Chapter 5 explains my proposal about the software, hardware and framework

APIs in case we implement this protocol

• Chapter 6 presents the security analysis where I prove the correctness as well as

the security of the newly proposed protocol

• Chapter 7 is the performance analysis in which I will analyze the efficiency of

resource consumption of the proposed protocol compared with the base scheme

• Chapter 8 concludes the work in this thesis, discusses and re-emphasizes the

contributions as well as proposes the future works

Chapter 2

Backgrounds

IoT refers to a set of technologies and scenarios which has no formally single tion yet An understandable view of IoT is as a network of everyday things connectedvia the Internet “Things”, obviously the major part composing every IoT system, arenot only referred to one or two particular kinds of devices, but also aimed to all ofwhich can connect and communicate with each other IoT devices can range fromtiny ones such as sensors, actuators, RFID tags [12] to medium ones such as smart-phones, kitchen appliances and even large ones like backend or cloud servers, literally

defini-“anything” that includes the technological components to enable the Thing to connect

to the Internet through a wired or wireless network IoT users can be a human, ormachine, or a combination [13]

These “things” in the IoT are becoming more and more familiar with our dailyactivities Single-function embedded devices have been developed into smart things,such as smartphones, laptops, coffee machines, refrigerators, Google Home, Applewatches, etc In other words, any device can be integrated into the IoT by equipping

it with an Internet connection and sensors IoT devices collect environmental mation of their surroundings and send it to some central data servers where it is pro-cessed, manipulated, transformed and used to perform multiple tasks [14] In the end,governments, organizations, and individuals enjoy these benefits of IoT Applications

infor-of the IoT are available in many aspects infor-of life thanks to its adoption by a wide range

of industries [15], as shown in Figure 2.1

Figure 2.1: Different application domains of the Internet of Things [16].

The most common example of IoT applications in our daily lives is in the form

of wearables (smartphones, smartwatches, health monitors, etc.) and smart homes,which improve entertainment, network connectivity and the quality of life by automat-ically adjusting customers’ home environment or allowing them control appliancesand lights remotely In agriculture, monitoring and management of micro-climateconditions with IoT technologies help to increase production IoT devices can sensesoil moisture and nutrients for better controlling irrigation and fertilizer systems IoTapplications in healthcare via wearables let hospitals remotely and real-time monitortheir patients’ health that can provide timely response to emergencies like strokes orheart attacks In manufacturing, a manufacturer can track a product from its start inthe factory to its placement in the destination store by RFID and GPS technology.The gathered information can be used to calculate the traveling time, condition, andenvironmental conditions of a product Especially in transportation, GPS is being uti-lized to plot faster and more efficient routes for vehicles thus reducing moving anddelivery times Above are only a few of many applications of the IoT in our real worldbut enough to show its currently huge potential as well as its rapid development in thenear future

Unlike traditional systems such as enterprise applications, cloud computing or BigData, IoT systems are uniquely identified by several properties These properties alsoraise the challenges that we need to deal with when working in the field Related IoTresearch [8] identified four distinguishing properties of IoT in terms of security andprivacy challenges, which are: the uncontrolled environment, the heterogeneity, the

need for scalability and the resource constraints of IoT devices.

• Uncontrolled environment: The uncontrolled environment of IoT is caused by

the main fact that things can travel to unreliable surroundings possibly withoutsupervision In other words, this property composes three sub-properties whichare: mobility, physical accessibility and trust

• Mobility: Connectivity in networks of IoT systems are not expected to be stable

or always available

• Physical accessibility: More often than not, sensors in IoT remains unprotected

and can be publicly accessed by outsiders, e.g., traffic control cameras and weathersensors

• Trust: It is unlikely to achieve a priori trusted relationships for the huge number

of devices and users Therefore, it is essential to have mechanisms that ically validate and manage the trust of things, services and users in IoT systems

automat-• Heterogeneity: IoT has to integrate a wide range of devices from many

differ-ent manufacturers so their version compatibility and interoperability need to beguaranteed

• Scalability: The vast amount of IoT interconnected things requires highly

scal-able protocols

• Resource Constraints: A large proportion of involved devices in the IoT has low

energy power and computational capability Therefore, proposed solutions quiring complex computations and high energy consumption cannot be applied

re-to the IoT in practice

Cryptography aims to provide authentication and privacy of communication betweentwo entities, which can be achieved by the popular adoption of symmetric cryptogra-phy However, the requirement of having a shared key, which is securely exchangedbeforehand for each pair of communicating entities makes this type of cryptogra-phy inconvenient to some applications Such inconvenience also comes from its diffi-culty to obtain signatures with non-repudiation For those reasons, Merkle, Diffie and

Hellman in mid-1970s proposed the idea of public-key cryptography, also called theasymmetric cryptography This scheme involves a pair of private-public keys so thatthe problem of deriving the private key from its corresponding public key is equiva-lent to solving a computational problem that is considered to be intractable [17] In-tractable numeric-theoric problems used to guarantee the security of popular public-key schemes are:

• The integer factorization problem which is used by RSA public-key encryptionand signature schemes

• The discrete logarithm problem which is used by the ElGamal public-key cryption and signature schemes and their variants, e.g DSA

en-• The elliptic curve discrete logarithm problem which is used by all elliptic curvecryptographic schemes

With public-key encryption, each public key is published and its corresponding vate key of an entity is kept secret Data that are encrypted with the public key canonly be decrypted with its private key as shown in Figure 2.2 As we can see, thisscheme allows anyone with the public key encrypt the data and only the person whoowns the corresponding private key can decrypt and read the content of the originaldata Public-key encryption nevertheless requires more processing than symmetric-key encryption, thus may not be suitable for encrypting a large amount of data Oneapproach to address this weakness is to use the public-key scheme to encrypt andsend symmetric keys only These symmetric keys later can be used to encrypt theactual exchange data This approach is used by the SSL/TLS protocols

pri-Figure 2.2: Encryption/Decryption in Public-key cryptosystems.

Compared with symmetric-key encryption, public-key encryption requires moreprocessing and may not be feasible for encrypting and decrypting large amounts ofdata However, it is possible to use public-key encryption to send a symmetric key,which can then be used to encrypt additional data This is the approach used by theSSL/TLS protocols.

2.2.2 Public-key digital signature

A public-key scheme also allows encrypting its data with a private key and usingthe corresponding public to decrypt those data It is possible to use a private key forencryption and the corresponding public key for decryption This is a technique fordigitally signing data Instead of encrypting the data itself, this technique is to create aone-way hash of the data, then use the private key to encrypt the hash The encryptedhash, along with other information such as the hashing algorithm, is known as a digitalsignature [18]

Figure 2.3: Using a Digital Signature to Validate Data IntegrityFigure 2.3 describes the use of a digital signature to validate data integrity Theoriginal data along with its signature are transferred from a sender to a recipient Thedigital signature is generated by first creating a one-way hashed data from the orig-inal data After that, this hashed data are encrypted using the sender’s private key.When the recipient receives these two items (the original data and its digital signa-ture), he/she validates the data integrity by decrypting the digital signature using theclaimed-to-be sender with its public key then applying the same one-hash algorithm

If the final hash operation results in the identical hashes, the validity of the data can

be confirmed

2.3 Bluetooth Low Energy

as Bluetooth Smart, Bluetooth Smart Ready and Bluetooth Low Energy Most able devices and smartphones are supporting Bluetooth 4.0 and 5.0 Bluetooth Smartdevices are peripheral devices like speakers, headphones, fitness trackers, smart pens,medical devices and so on These devices get resource constraints and limited amount

wear-of battery They are suitable for simple calculation According to the Bluetooth LowEnergy Core Specification, there are two roles defined (GAPRoles) when the Blue-tooth Low Energy connection is established The node that initiates the connectiondefined as the Central device and the node that is connected to by the central is de-fined as the peripheral device They often have paired hosts (or centrals) and requireperiodic connection to it, like during data transfer These peripheral are also able tomaintain the pairing despite long sleep periods between active modes to prevent a sec-ond device from pairing Our smart phones and laptop are considered as BluetoothSmart Ready devices They have powerful processor and can control peripheral de-vices via Bluetooth connection Bluetooth Smart Ready can also exchange data withold Bluetooth 2.0 or 3.0 device With 4x range, 2x speed and 8x broadcasting messagecapacity comparing with Bluetooth 4.0, the enhancements of Bluetooth 5.0 aims toincrease the functionality of Bluetooth for the IoT

Central and Peripheral in other phases of BLE can be called as Master and Slave.BLE device can operate either in master or slave role A master can manage multiple

simultaneous connections with a number of slave devices, but a slave can only be nected to a single master Differently from classic BT, discovery is done so that slaveadvertises on one or several of the three designated advertisement channels Masterscans these channels in order to discover slaves After discovery, data transmissionhappens in the form of connection events in which the master and the slave wake up

con-in synchronous mode to exchange frames Both devices sleep the rest of time

To best meet the wireless connectivity needs of a diverse developer population, tooth technology supports multiple topology options From simple point-to-point con-nections for streaming audio between a smartphone and speaker, to broadcast connec-tions that enable way-finding services in an airport, to mesh connections that supportlarge-scale building automation, Bluetooth supports multiple topology options to bestmeet the unique wireless connectivity needs of a diverse, global developer population

Blue-In overview, the network topology of BLE can be shown as Figure 2.4 We have threekinds of topology: Point To Point, Star and Mesh

Mesh

In mesh networks, each device is connected to one or more of the other devices.There is no clear role definition that parallels central/peripheral A typical real meshtopology (such as Zigbee or Thread)consists of one coordinator, several routers andseveral end devices Routers can communicate with other nodes because the Mesh

Figure 2.4: BLE network topologyprotocol defines the routing rules Mesh is considered the most flexible network and

it can provide a larger network coverage area At the same time, Mesh has a strongfault-tolerant ability If a router crashes in the network, information can still be auto-matically transmitted along other routing path On the other hand, mesh networks usecomplex network protocols that require a lot from the hardware and software that isused Also, the Mesh networks typically consume more power than other networks,and the data latency is both higher and more unpredictable since the number of jumpsbetween peer devices is not fixed

Bluetooth Mesh is a mesh network protocol based on “message flooding” usingthe Bluetooth Low Energy Broadcaster and Observer GAP roles This protocol isquite complicated and is not considered power and latency efficient compared to starnetworks Bluetooth Low Energy manufacturers are still researching and developingtheir Bluetooth Low Energy mesh solutions at this time

So as we can see in Mesh model, we can expand the connecting area and addmore devices easily However, it also increases the communication cost The Meshmodel is strongly supported from BLE 5.0 and very popular in the current IoTs con-nections

The BLE security model includes five security features:

1 Pairing: the process for creating shared secret keys.

2 Bonding: storing the keys created during pairing so they can be used later

3 Device authentication: verification of stored keys

4 Encryption: data confidentiality

5 Message integrity: protection against data alteration

The Security Manager is responsible for:

1 Pairing

2 Key distribution

3 Generating hashes and short term keys

I take advantages of BLE security features in my proposed protocol:

1 Key generation in Bluetooth with low energy is performed by the Host on eachlow energy device independent of any other

2 Encryption in Bluetooth with low energy uses AES-CCM cryptography

3 In some circumstances where the communication channel is not encrypted, thedevice could still have a method to maintain and ensure the data authentication.This is accomplished by signing the data with a Connection Signature ResolvingKey (CSRK)

In BLE, security-related tasks happened and are decided beforehand in pairing cess There are four different pairing methods:

pro-1 Numeric Comparison: both devices display the same six digit value on their spective screens or LCD displays, then users have to check whether they matchand confirm with device This is not to prevent a man-in-the-middle (MITM)attack, but rather to identify the devices to each other

re-2 Just Works: this is for headless devices, which means those devices do not haveGraphic User Interface or even the screen Technically, it is the same as NumericComparison, but the six-digit value is set to all zeros Just Works method is

clearly the most popular one, however, there is no MITM protection with JustWorks.

3 Passkey Entry With Passkey Entry, a six-digit value is displayed on one device,and this is entered into the other device

4 Out Of Band: A communication method outside of the Bluetooth communicationchannel is not used, but the information is still secured The distance between twoconnected devices are very short in this case

In our protocol, considering that we would like to propose a general approachand many Bluetooth Smart devices will not have screen, we will use Just Works

• Correctness: The logic of authentication can provide the proof of whether a tocol meets its security goals or not

pro-• Efficiency: The logic of authentication can improve the efficiency of a protocol

by eliminating redundant messages which do not contribute to the achievement

of the security goals

• Applicability: The logic of authentication provides the formal clarifications on aprotocol’s assumptions in order to judge its applicability in practice

BAN-logic aims to answer the following questions:

• What conclusions does this protocol achieve?

• Which assumptions needed for this protocol?

• Does this protocol have unnecessary actions, which can be left out without ening the security?

weak-• Can anything be sent plain (without being encrypted) but still not weakening thesecurity?

The BAN logic makes it possible to reason in a simple way over cryptographicprotocols in a formal way It can be used in the design of a cryptographic protocolbecause the use of a formal language in the design process can exclude faults

• P |≡ X:P believes thatX holds

• P / X:P sees the formulaX

• P ⇒ X: P has jurisdiction overX, which means P has completely control overthe formulaX

• P |∼ X:P once said X The principalP at some time sent a message includingthe statementX

• #(X): The formula X is fresh, that is,X has not been sent in a message at anytime before the current run of the protocol

• P ← → QK : P andQ share a secret keyK P and Qcan use K to communicate toeach other and it is only known to them

• 7−→ BK : P hasK as a public key The corresponding secret key (the inverse ofK,denotedK−1) will never be discovered by any other principal

• A (−+ BX− : The formula X is a secret known only to P and Q, and possibly toprincipals trusted by them Only P andQ may useX to prove their identities toone another

• {X} Y: Encryption ofX with keyK

• hXi Y: This representsX combined with the formulaY; it is intended thatY be asecret, and that its presence prove the identity of whoever uttershXi Y

2.4.3 Typical protocol goals

A protocol that establishes a session key k for A and B typically has the goal that atthe end of a successful run it can be proved that:

• The said rule:

2.4.4 Protocol analysis with BAN-logic

There are three main stages to the analysis of a protocol using BAN logic

• Step 1: The first step is to express the assumptions and goals as formulas (also

known as statements) in symbolic notations so that the logic can proceed from aknown state so as to be able to ascertain whether the goals are in fact reached

• Step 2: The second stage is to transform the protocol steps also into formulas in

symbolic notation

• Step 3: Lastly, a set of deduction rules called postulates are applied The

postu-lates should lead from the assumptions, via intermediate formulas, to the tication goals

authen-Chapter 3

Related works

Security in IoT is a popular research aspect of these recent years, especially whenIoT is growing really fast and becoming an important part of our daily life In thepaper of M El-hajj et al published in 2019 [20], they stated that the main IoT se-curity concerns include: authentication, authorization, integrity, confidentiality, non-repudiation, availability, and privacy In this paper, we focus on the authentication.About the taxonomy of IoT Authentication Schemes, we would have six main criteria:

2 Using Authentication factors: Identity or/and Context

(a) Identity: An information kept by one devices and distinguishing it from other, is used to authenticate itself [26, 27]

an-(b) Context: can be behavioral (gait, voice ) or physical (fingerprint, iris )[28]

3 Using Authentication procedure: One-way authentication, Two-way tion and Three-way authentication

authentica-(a) One-way authentication: In scenario of two devices need to communicatewith each other, only one party will authenticate itself to the other one, whilethe other one is still unauthenticated.

(b) Two-way authentication: It is also called mutual authentication, in whichboth devices authenticate each other, this is the most common way

(c) Three-way authentication: When there is a central authority authenticates thetwo parties and support them mutually authenticating themselves

4 Using Authentication architecture: Distributed or Centralized

(a) Distributed: Using a distributed straight authentication method between thecommunicating parties

(b) Centralized: Using a centralized server or a trusted third party to distributeand manage the credentials used for authentication Whether centralized ordistributed, the authentication scheme architecture can be:

(c) Hierarchical: Using a multi-level architecture to deal with the authenticationprocedure

(d) Flat: No hierarchical architecture is used

5 IoT layer: We have perception layer, network layer and application layer

6 Hardware-based: The authentication process might require the use of physicalcharacteristics of the hardware or the hardware itself, so we have Implicit hardware-based and Explicit hardware-based

(a) Implicit hardware-based: Using hardware features such as Physical able Function (PUF) [29] or True Random Number Generator (TRNG) [30].(b) Explicit hardware-based: Some authentication schemes are based on the use

Unclon-of a Trusted Platform Module (TPM) [31]

My protocol is an example of using multi-authentication criteria I use identity such asDevice Bluetooth MAC address, location, time and encounter history of participants

as our factors I also provide a distributed authentication scheme cause I do not needcentralized server

Figure 3.1: Project things

The idea of Quorum based secure authentication is quite similar to the idea of myproposed protocol A quorum is defined as a minimum number of users in a groupnecessary to achieve a successful transaction (in this case authentication) Quorum isthe fundamental of blockchain Quorum based authentication protocol are sometimesreferred as Consensus Protocols or m-of-n quorum authentication There were somesimilar authentication protocols based on this idea applying on transaction: [32] and[33] The Quorum based secure authentication is the fundamental of block chain,however, it is too heavy to apply into the IoTs enviroment We also have "Projectthings" of Mozilla [34], which is an open framework for connecting your devices tothe web described as Figture 3.1 The main idea of the "Project things" is provingframework using Raspberry Pi 3 as Gateway to control smart home devices via Web-site, work with Zigbee vs Z-Wave standards via their USB dongles For Zigbee andZ-Wave, both are mesh networks – this just means signals can hop from gadget togadget round the home and each device or sensor does not need to connect to Wi-Fi.Therefore, we need a central hub which connects to the internet, and Raspberry Pi 3will be the gateway/ Central control hub to control the Zigbee/ Z-Wave devices I alsouse Raspberry Pi 3 in my proposed protocol, however, I refer not to have any centralcontrol hub to connect to the internet and we do not need to connect to cloud in theParty-Crasher protocol

3.3 Previous work

My proposed framework is an application based on BLE framework to utilize theadvantages of BLE technology, which is inspired by the the research result of [35],[36] and [37] for IoTs devices for resource constrain and privacy preserving idea.This work can also be considered as a further development for [38] To have betterunderstanding about my proposed protocol, I will briefly present about the work of[36] and [38]

In [36], we proposed an authentication protocol which includes three entities:device 1, device 2 and gateway as Figure 3.2

This authentication model also included three phase but did different things:

• Phase 1: Registration This is the very first step for every device when joining thesystem Its purpose is to register a device’s identity with the server At the end

of this phase when the server completes calculating and storing its tion data, the device will be responded with a secure cookies data used for laterauthentication phases

authentica-• Phase 2: Authentication between the servers and device The authentication cess happens before devices can start their connections with the rest of the net-work, which is firstly between them and the servers In this phase, the devicepresents its credentials, i.e its cookies data, to the server The server then veri-fies those credentials of the devices to know if it is allowed to connect Simulta-neously, the device also needs to be guaranteed that it is actually connecting tothe true server That is why by the end of this phase valid devices and the servershould be mutually authenticated by each other and their common session keyswill be created

pro-• Phase 3: Authentication between two devices As communications among vices happen more often than between them and the servers in IoT systems, theyalso need to be mutually authenticated by each other before making communica-tions The goal of this phase is similar to the second phase, that is, their identitiesare verified, and common session keys are created for later securing the messages

de-Figure 3.2: Three entities authentication protocol [36]

In my thesis, I will just deep dive into the final phase: Authentication betweentwo devices and eliminate the existing of gateway to make it become more flexibleand suitable for IoTs devices

Chapter 4

Proposed scheme

In this chapter, the proposed protocol will be described in detail Firstly, I will explainthe senario that we will need to apply my proposed authentication scheme Then, Iwill describe clearly every step in the authentication process

of Party-Owner.If you have one of the requirements, you would be provided sion to see party timeline, join chat groups and communicate in the party

permis-The second scenario is supposing you are a member of the development team,

so you are allowed to join team technical discussion meeting However, by some