Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm

Recently, Bluetooth technology is widely used by organizations and individuals to provide wireless personal area network (WPAN). This is because the radio frequency (RF) waves can easily penetrate obstacles and can propagate without direct line-of-sight (LoS). These two characteristics have led...

Full description

Bibliographic Details
Main Authors: Diallo, Alhassane Saliou, Al-Khateeb, Wajdi Fawzi Mohammed, Olanrewaju, Rashidah Funke, Fatai, Sado
Format: Conference or Workshop Item
Language:English
English
Published: 2014
Subjects:
Online Access:http://irep.iium.edu.my/39193/
http://irep.iium.edu.my/39193/1/1067.pdf
http://irep.iium.edu.my/39193/4/5th_international_conference_%28ICCCE_2014%29.pdf
id iium-39193
recordtype eprints
spelling iium-391932018-06-11T05:09:55Z http://irep.iium.edu.my/39193/ Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm Diallo, Alhassane Saliou Al-Khateeb, Wajdi Fawzi Mohammed Olanrewaju, Rashidah Funke Fatai, Sado TK7885 Computer engineering Recently, Bluetooth technology is widely used by organizations and individuals to provide wireless personal area network (WPAN). This is because the radio frequency (RF) waves can easily penetrate obstacles and can propagate without direct line-of-sight (LoS). These two characteristics have led to replace wired communication by wireless systems. However, there are serious security challenges associated with wireless communication systems because they are easier to eavesdrop, disrupt and jam than the wired systems. Bluetooth technology started with a form of pairing called legacy pairing prior to any communication. However, due to the serious security issues found in the legacy pairing, a secure and simple pairing called SPP was announced with Bluetooth 2.1 and later since 2007. SPP has solved the main security issue which is the weaknesses of the PIN code in the legacy pairing, however it has been found with some vulnerabilities such as eavesdropping and man-in-the-middle (MITM) attacks. Since the discovery of these vulnerabilities, some enhancements have been proposed to the Bluetooth Specification Interest Group (SIG) which is the regulatory body of Bluetooth technology; nevertheless, some proposed enhancements are ineffective or are not yet implemented by Manufacturers. Therefore, an improvement of the security authentication in Bluetooth connection is highly required to overcome the existing drawbacks. This proposed protocol uses Hash-based Message Authentication Code (HMAC) algorithm with Secure Hash Algorithm (SHA-256). The implementation of this proposal is based on the Arduino Integrated Development Environment (IDE) as software and a Bluetooth (BT) Shield connected to an Arduino Uno R3 boards as hardware. The result was verified on a Graphical User Interface (GUI) built in Microsoft Visual Studio 2010 with C sharp as default environment. It has shown that the proposed scheme works perfectly with the used hardware and software. In addition, the protocol thwarts the passive and active eavesdropping attacks which exist during SSP. These attacks are defeated by avoiding the exchange of passwords and public keys in plain text between the Master and the Slave. Therefore, this protocol is expected to be implemented by the SIG to enhance the security in Bluetooth connection. 2014-09-23 Conference or Workshop Item PeerReviewed application/pdf en http://irep.iium.edu.my/39193/1/1067.pdf application/pdf en http://irep.iium.edu.my/39193/4/5th_international_conference_%28ICCCE_2014%29.pdf Diallo, Alhassane Saliou and Al-Khateeb, Wajdi Fawzi Mohammed and Olanrewaju, Rashidah Funke and Fatai, Sado (2014) Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm. In: 5th International Conference on Computer and Communication Engineering, 23rd-25th September 2014, Kuala Lumpur .
repository_type Digital Repository
institution_category Local University
institution International Islamic University Malaysia
building IIUM Repository
collection Online Access
language English
English
topic TK7885 Computer engineering
spellingShingle TK7885 Computer engineering
Diallo, Alhassane Saliou
Al-Khateeb, Wajdi Fawzi Mohammed
Olanrewaju, Rashidah Funke
Fatai, Sado
Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm
description Recently, Bluetooth technology is widely used by organizations and individuals to provide wireless personal area network (WPAN). This is because the radio frequency (RF) waves can easily penetrate obstacles and can propagate without direct line-of-sight (LoS). These two characteristics have led to replace wired communication by wireless systems. However, there are serious security challenges associated with wireless communication systems because they are easier to eavesdrop, disrupt and jam than the wired systems. Bluetooth technology started with a form of pairing called legacy pairing prior to any communication. However, due to the serious security issues found in the legacy pairing, a secure and simple pairing called SPP was announced with Bluetooth 2.1 and later since 2007. SPP has solved the main security issue which is the weaknesses of the PIN code in the legacy pairing, however it has been found with some vulnerabilities such as eavesdropping and man-in-the-middle (MITM) attacks. Since the discovery of these vulnerabilities, some enhancements have been proposed to the Bluetooth Specification Interest Group (SIG) which is the regulatory body of Bluetooth technology; nevertheless, some proposed enhancements are ineffective or are not yet implemented by Manufacturers. Therefore, an improvement of the security authentication in Bluetooth connection is highly required to overcome the existing drawbacks. This proposed protocol uses Hash-based Message Authentication Code (HMAC) algorithm with Secure Hash Algorithm (SHA-256). The implementation of this proposal is based on the Arduino Integrated Development Environment (IDE) as software and a Bluetooth (BT) Shield connected to an Arduino Uno R3 boards as hardware. The result was verified on a Graphical User Interface (GUI) built in Microsoft Visual Studio 2010 with C sharp as default environment. It has shown that the proposed scheme works perfectly with the used hardware and software. In addition, the protocol thwarts the passive and active eavesdropping attacks which exist during SSP. These attacks are defeated by avoiding the exchange of passwords and public keys in plain text between the Master and the Slave. Therefore, this protocol is expected to be implemented by the SIG to enhance the security in Bluetooth connection.
format Conference or Workshop Item
author Diallo, Alhassane Saliou
Al-Khateeb, Wajdi Fawzi Mohammed
Olanrewaju, Rashidah Funke
Fatai, Sado
author_facet Diallo, Alhassane Saliou
Al-Khateeb, Wajdi Fawzi Mohammed
Olanrewaju, Rashidah Funke
Fatai, Sado
author_sort Diallo, Alhassane Saliou
title Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm
title_short Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm
title_full Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm
title_fullStr Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm
title_full_unstemmed Enhancement of bluetooth security authentication using hash-based message authentication code (HMAC) algorithm
title_sort enhancement of bluetooth security authentication using hash-based message authentication code (hmac) algorithm
publishDate 2014
url http://irep.iium.edu.my/39193/
http://irep.iium.edu.my/39193/1/1067.pdf
http://irep.iium.edu.my/39193/4/5th_international_conference_%28ICCCE_2014%29.pdf
first_indexed 2023-09-18T20:56:18Z
last_indexed 2023-09-18T20:56:18Z
_version_ 1777410326538485760