iOS Core Bluetooth BLE Security with HM10 Peripheral

Can someone suggest whether it is possible in BLE communication to authenticate the central from the peripheral before the connection is established?

Example:

1) Peripheral advertises continuously
2) Central discovers peripheral and sends connection request
3) Connection is established and advertising stops
4) Peripheral authenticates central via AES or pairing etc.
5) If authentication is successful, transfer data.

Either way, once this malicious central has connected to the peripheral, the genuine central will not be able to as each peripheral. If I have understood properly, the peripheral cannot end a connection or start a connection, and peripherals do not allow simultaneous connections.

How can I solve this problem? Even if some way of terminating the connection from the peripheral is made possible, the malicious central will keep reconnecting, hence essentially performing a DENIAL OF SERVICE (DOS) attack.

Thank you!

You have the sequence slightly wrong. It should be -

  1. Peripheral advertises
  2. Central discovers peripheral and attempts to connect
  3. PIN is requested if central is not already paired
  4. Connection completes if pairing is successful. If not, return to state 1
  5. If connection is successful, advertising stops and data can be transferred.

So, the security is based on the PIN being kept a secret. If the PIN is well-known (i.e. defaults to 0000) or can be easily discovered (printed/displayed on the device and physical access is possible) then security is compromised.

In theory a DOS attack is also possible by making repeated connection attempts, but this does still leave an opportunity for the legitimate central to connect.

Okay, this is a little late, but anyway: from v515 upwards you can use the AT+TYPEx command to change the authentication behaviour.

x can be, according to the docs:

  • 0:Not need PIN Code (default)
  • 1:Auth not need PIN
  • 2:Auth with PIN
  • 3:Auth and bond
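
An added example, not code from either answer or from the HM-10 documentation: it audits and tightens the two settings the answers discuss, the `AT+TYPE` bond mode and the PIN. `AT+VERR?`, `AT+PASS` and the `HMSoft V…` / `OK+Get:` / `OK+Set:` reply shapes are assumptions about the HM-10 firmware that are not stated on this page; `audit`, `harden` and `FakeHM10` are hypothetical names, and `FakeHM10` is a constructed stand-in for the serial link so the code runs offline.

```python
import re
# Bond modes for AT+TYPEx as listed in the answer above (firmware v515 and later).
BOND_MODES = {0: "Not need PIN Code", 1: "Auth not need PIN",
              2: "Auth with PIN", 3: "Auth and bond"}
# Assumed, not on the page: AT+VERR?, AT+PASS and the reply shapes used below.
WELL_KNOWN_PINS = {"0000", "000000", "1234", "123456"}  # constructed sample list

def _value(reply, prefix):
    """Extract the value from a reply such as 'OK+Get:2' (assumed reply shape)."""
    m = re.fullmatch(re.escape(prefix) + r"(\w+)", reply.strip())
    if not m:
        raise ValueError(f"unexpected reply: {reply!r}")
    return m.group(1)

def audit(send):
    """Query the module through send(cmd) -> reply and return a list of findings."""
    version = int(_value(send("AT+VERR?"), "HMSoft V"))
    if version < 515:
        return [f"firmware v{version}: AT+TYPE needs v515 or later"]
    findings = []
    mode = int(_value(send("AT+TYPE?"), "OK+Get:"))
    if mode < 2:
        findings.append(f"AT+TYPE{mode} ({BOND_MODES[mode]}): no PIN is requested")
    pin = _value(send("AT+PASS?"), "OK+Get:")
    if pin in WELL_KNOWN_PINS:
        findings.append(f"PIN {pin} is a well-known value")
    return findings

def harden(send, pin, mode=3):
    """Set a new PIN and a PIN-requiring bond mode, then re-audit."""
    if mode not in (2, 3) or not re.fullmatch(r"\d{6}", pin) or pin in WELL_KNOWN_PINS:
        raise ValueError("need mode 2 or 3 and a six-digit, non-default PIN")
    for cmd in (f"AT+PASS{pin}", f"AT+TYPE{mode}"):
        if not send(cmd).strip().startswith("OK+Set:"):
            raise RuntimeError(f"{cmd} was not acknowledged")
    return audit(send)

class FakeHM10:
    """Constructed stand-in for the serial link; replies follow the assumed shapes."""
    def __init__(self, version=540, mode=0, pin="000000"):
        self.version, self.state = version, {"TYPE": str(mode), "PASS": pin}
    def __call__(self, cmd):
        if cmd == "AT+VERR?":
            return f"HMSoft V{self.version}"
        key, arg = cmd[3:7], cmd[7:]
        if arg == "?":
            return f"OK+Get:{self.state[key]}"
        self.state[key] = arg
        return f"OK+Set:{arg}"
```

Against real hardware, `send` would be a small wrapper around the serial port that writes the command and returns the module's reply.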
