报告简介:
To defeat man-in-the-middle (MITM) and various other attacks, Bluetooth Low Energy (BLE) 4.2 and 5.x introduced the Secure Connections Only mode, under which a BLE device accepts only secure paring protocols including Passkey Entry and Numeric Comparison from an initiator such as an Android mobile. However, BLE does not have a similar Secure Connection Only mode for the initiator. We discover that the initiator should have enforced secure pairing too. If not, a spoofing BLE device can connect to the mobile device and perform various attacks against the mobile device through an app that connects to the BLE device. Based on our findings, the whole system with BLE apps and devices is deemed secure only if the secure pairing is enforced on both mobile devices and BLE devices. Various case studies and extensive experiments were performed to validate our findings. We have reported the BLE pairing vulnerability to the Google Android team and this vulnerability has received a High Severity rating (the corresponding patch is under active development by Google).
报告人简介:
Dr. Xinwen Fu is an associate professor in the Department of Computer Science, University of Central Florida. He received B.S. (1995) and M.S. (1998) in Electrical Engineering from Xi'an Jiaotong University, China and University of Science and Technology of China respectively. He obtained Ph.D. (2005) in Computer Engineering from Texas A&M University. Dr. Fu's current research interests are in network security and privacy, network forensics, computer forensics, information assurance, system reliability and networking QoS. Dr. Fu has been publishing papers in conferences such as IEEE Symposium on Security and Privacy (S&P), ACM Conference on Computer and Communications Security (CCS), ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), ACM Sensys (ACM Conference on Embedded Networked Sensor Systems), IEEE International Conference on Computer Communications (INFOCOM) and IEEE International Conference on Distributed Computing Systems (ICDCS), journals such as ACM/IEEE Transactions on Networking (ToN), IEEE Transactions on Dependable and Secure Computing (TDSC), IEEE Transactions on Parallel and Distributed Systems (TPDS), IEEE Transactions on Computers (TC), IEEE Transaction on Mobile Computing (TMC) and IEEE Transactions on Vehicular Technology (TVT), book and book chapters. He spoke at various technical security conferences including Black Hat. His research is supported by NSF.