关键词:Bluetooth Classic Security 经典蓝牙安全机制 Pairing Authentication Encryption
本文基于Bluetooth Core Spec v5.3,梳理了Core Spec中BT Classic Security相关内容。
根据Vol 1, Part C: Core Specification Change History, 经典蓝牙Security相关修改历史如下:
- v1.1 TO v1.2
- Deprecate the use of Unit Key for security
- v2.0+EDR TO v2.1+EDR
- Introduce Encryption Pause and Resume
- Introduce Secure Simple Paring
- Introduce Security Mode 4
- v4.0 TO v4.1
- Introduce BR/EDR secure connections
Vol 1, Part A, 5 SECURITY OVERVIEW非常重要,一定要细读。该章说明了Bluetooth security机制演变历史和设计目标,重要的名词术语,包括
- Bluetooth security model包含五种security features:
- Pairing: create secret keys
- Bonding: store secret keys
- Device authentication: verify the same keys
- Encryption
- Message integrity
- 经典蓝牙的三种security mechanism,依照出现时间先后,依次为:
- BR/EDR Legacy Paring:use short variable PIN or fixed PIN
- Secure Simple Pairing (SSP): four association models
- Secure Connections: upgrades Secure Simple Pairing
- Secure Simple Paring (SSP)根据设备的IO capabilites可以使用四种association models:
- Just Works
- Numeric Comparison
- Passkey Entry
- Out-Of-Band
关于Encryption,BR/EDR和BLE都是在Controller完成的。
关于Key generation,BR/EDR是由Controller完成的,但是BLE是由Host完成的。
Vol 2, Part C 3.2 FEATURE DEFINITIONS 列出了LMP中security相关feature及其定义,3.5 FEATURE REQUIREMENTS列出了features之间的依赖/互斥关系,包括
- Broadcast encryption - Mutually exclusive feature: Coarse clock adjustment
- Encryption - Mandatory
- Pause Encryption
- Secure Connections (Controller Support) - Require features: Pause encryption and Ping
- Secure Connections (Host Support) - Require features: Secure Simple Pairing (Host Support) and Secure Connections (Controller Support)
- Secure Simple Pairing (Controller Support) - Mandatory
- Secure Simple Pairing (Host Support)
Vol 2, Part C, 4.2 SECURITY 详细说明了以下功能涉及到的PDU、Error Code和Procedure Sequence。如果你没有看之前的Security Overview,很可能陷入细节当中,而不能理解Security的整体流程和这些功能的相互关系。
-
Authentication
-
Legacy authentication:
- Performed when at least one device does not support both the Secure Connections(Controller Support) and Secure Connections(Host Support) features.
- A mutual authentication is not mandatory.
-
Secure authentication:
- Performed when both devices support the Secure Connections(Controller Support) and Secure Connections(Host Support) features.
- Always a mutual authentication.
-
-
Pairing
-
Change link key
-
Change current link key type
-
Encryption
- E0 encryption(legacy) mechanism - At least one device does not support both the Secure Connections(Controller Support) and Secure Connections(Host Support) features.
- AES-CCM encryption mechanism - Both devices support Secure Connections(Controller Support) and Secure Connection(Host Support) features.
-
Request supported encryption key size
Vol 2, Part H Security Spec规定了Encryption、Authentication和Key Generation schemes的实现细节,比如详细的steps和algorithms。为了便于理解,读者有必要了解对称加密和非对称加密的基本概念2。该章包含了以下内容:
- Random number generation
- Key management
- Encryption (E0)
- Authentication
- The authentication and key-generating functions
- Secure Simple Pairing
- AES-CCM encryption for BR/EDR
读者可以阅读综述性文献3,加深对Core Spec中security mechanism的理解。
Reference