BLE配对安全 [英] BLE Pairing Security
问题描述
我是新来的BLE技术,使用它的Arduino(RFduino)之外。我试图让这个每一个手机,可以看到设备无法配对到RFduino。我感到困惑的是,我知道BLE有安全的措施,但我要如何去实现这些。
I am new to BLE technology outside of using it for Arduino(RFduino). I'm trying to make it so that every phone that can see the device cannot pair to the RFduino. What I'm confused about is I know BLE has security measures but how do I go about implementing these.
望着这个问题看起来可以使用MAC地址的安全性? 对BLE装置利用Android 所以我想我应该做的是让用户进入该设备,如果它不匹配,它们不能连接正确的MAC地址
Looking at this question it looks like one can use the MAC addr for security? Pair BLE Device With Android So I guess what I should do is have the user enter the correct MAC addr for the device and if it doesn't match they can't connect?
我真的不明白的是如何增加一个配对私人/公共密钥,而我认为是最好的实践方式做到这一点整个通信?任何帮助将是AP preciated。
What I really dont understand is how to add a pairing private/public key to the whole communication which I assume is the best practice way to do this? Any help would be appreciated.
推荐答案
BLE提供完整性和保密性,以它的通信,而不是验证。这意味着一旦建立连接,这是很难破解,但你必须确保你自己,你没有连接到恶意用户!
BLE provides Integrity and Confidentiality to its communication, but not Authentication. This means once the connection is established, it's very hard to hack, but you have to make sure yourself that you're not connected to a malicious user!
公私密钥认证将是一个很好的起点。你可能希望RFDuino持有私钥。当您尝试连接到它,它就会登录,只有私钥所有者可以签署一个方法的东西,你可以验证这一点使用你的公钥。现在,您可以确保您已连接到正确的人。
Public Private key authentication would be a good starting point. You may want the RFDuino to hold the private key. When you attempt to connect to it, it will sign something in a way that only the private key owner could sign, and you can verify this using your public key. Now you can be sure that you're connected to the right person.
安全性是一个很辛苦的事情来实现正确不过了,所以你可能会想,如果有人已经实现了这样的库蓝牙环顾四周。
Security is a very hard thing to implement correctly however, and so you may want to look around if someone has already implemented a library like this for Bluetooth.
这篇关于BLE配对安全的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
