Visible to the public BLESS: A BLE Application Security Scanning Framework

TitleBLESS: A BLE Application Security Scanning Framework
Publication TypeConference Paper
Year of Publication2020
AuthorsZhang, Y., Weng, J., Ling, Z., Pearson, B., Fu, X.
Conference NameIEEE INFOCOM 2020 - IEEE Conference on Computer Communications
Date Publishedjul
Keywords1073 BLE apps, Application Layer, authentication, Biomedical monitoring, BLE application Security scanning framework, BLE attacks, BLE based devices, BLE Security Scan framework, BLE Security Scanning, BLE-based device, BLESS, Blood pressure, Bluetooth, bluetooth low energy, bluetooth security, composability, cryptographic protocols, cryptography, Encryption, Human Behavior, Internet of Things, IoT device, IoT security, pairing strategies, physical security, Protocols, pubcrawl, public key cryptography, resilience, Resiliency, reverse engineering, secure communication, security of data, telecommunication security, widely adopted wireless communication technology
AbstractBluetooth Low Energy (BLE) is a widely adopted wireless communication technology in the Internet of Things (IoT). BLE offers secure communication through a set of pairing strategies. However, these pairing strategies are obsolete in the context of IoT. The security of BLE based devices relies on physical security, but a BLE enabled IoT device may be deployed in a public environment without physical security. Attackers who can physically access a BLE-based device will be able to pair with it and may control it thereafter. Therefore, manufacturers may implement extra authentication mechanisms at the application layer to address this issue. In this paper, we design and implement a BLE Security Scan (BLESS) framework to identify those BLE apps that do not implement encryption or authentication at the application layer. Taint analysis is used to track if BLE apps use nonces and cryptographic keys, which are critical to cryptographic protocols. We scan 1073 BLE apps and find that 93% of them are not secure. To mitigate this problem, we propose and implement an application-level defense with a low-cost \$0.55 crypto co-processor using public key cryptography.
Citation Keyzhang_bless_2020