Does Bluetooth encrypt data?


Question

Intro: I'm coming to this problem without full familiarity with the Bluetooth stack and protocols, so this may require several rounds of editing as errors in my assumptions are revealed.

I'm attempting to connect to a Bluetooth device, a Scosche myTREK Pulse Monitor. I was able to connect to the device using the 'official' app for Android, and I captured the Bluetooth packet output using hcidump. I can read and understand the connection process up through the link key exchange; however, the device then sends an HCI Encrypt Change event, after which most (but not all) packets are labeled as ACL packets, and are difficult to interpret.

The basic question is: does Bluetooth encrypt its data, and is there a way to securely decrypt it? Is this related to the switch to ACL packets?

Here is a sample of the packet output provided by hcidump for a given connection, starting at the passing of the Link Key. ( > refers to the monitor sending data )

> HCI Event: Link Key Request (0x17) plen 6
  0000: ** ** ** ** ** **                                 ??????

< HCI Command: Link Key Request Reply (0x01|0x000b) plen 22
  0000: ** ** ** ** ** ** ** **  ** ** ** ** ** ** ** **  ???????????????
  0010: ** ** ** ** ** **                                 ??????

> HCI Event: Command Complete (0x0e) plen 10
  0000: 01 0b 04 00 ** ** ** ** ** **                    ....??????

> HCI Event: Encrypt Change (0x08) plen 4
  0000: 00 0c 00 01                                       ....

> ACL data: handle 12 flags 0x02 dlen 12
    L2CAP(s): Connect req: psm 1 scid 0x0040

< ACL data: handle 12 flags 0x00 dlen 16
    0000: 0c 00 01 00 03 02 08 00  40 00 40 00 01 00 00 00  ........@.@.....

< ACL data: handle 12 flags 0x00 dlen 10
    0000: 06 00 01 00 0a 01 02 00  02 00                    ..........

> HCI Event: Number of Completed Packets (0x13) plen 5
  0000: 01 0c 00 02 00                                    .....

> ACL data: handle 12 flags 0x02 dlen 16
    L2CAP(s): Info rsp: type 2 result 0
      Extended feature mask 0x0000

< ACL data: handle 12 flags 0x00 dlen 16
    0000: 0c 00 01 00 03 02 08 00  40 00 40 00 00 00 00 00  ........@.@.....

< ACL data: handle 12 flags 0x00 dlen 12
    0000: 08 00 01 00 04 02 04 00  40 00 00 00              ........@...

> HCI Event: Number of Completed Packets (0x13) plen 5
  0000: 01 0c 00 02 00                                    .....

> ACL data: handle 12 flags 0x02 dlen 16
    L2CAP(s): Config req: dcid 0x0040 flags 0x00 clen 4
      MTU 48 

< ACL data: handle 12 flags 0x00 dlen 18
    0000: 0e 00 01 00 05 03 0a 00  40 00 00 00 00 00 01 02  ........@.......
    0010: 30 00                                             0.

> ACL data: handle 12 flags 0x02 dlen 14
    L2CAP(s): Config rsp: scid 0x0040 flags 0x00 result 0 clen 0
      Success

> ACL data: handle 12 flags 0x02 dlen 36
    L2CAP(d): cid 0x0040 len 32 [psm 0]
      0000: 06 00 01 00 1b 35 11 1c  00 00 00 00 de ca fa de  .....5......??·?
      0010: de ca de af de ca ca fe  00 26 35 03 09 00 04 00  ???»????.&5.....

< ACL data: handle 12 flags 0x00 dlen 33
    0000: 1d 00 40 00 07 00 01 00  18 00 15 35 13 35 11 09  ..@........5.5..
    0010: 00 04 35 0c 35 03 19 01  00 35 05 19 00 03 08 12  ..5.5....5......
    0020: 00                                                .

> HCI Event: Number of Completed Packets (0x13) plen 5
  0000: 01 0c 00 02 00                                    .....

> ACL data: handle 12 flags 0x02 dlen 12
    L2CAP(s): Disconn req: dcid 0x0040 scid 0x0040

< ACL data: handle 12 flags 0x00 dlen 12
    0000: 08 00 01 00 07 04 04 00  40 00 40 00              ........@.@.

> ACL data: handle 12 flags 0x02 dlen 12
    L2CAP(s): Connect req: psm 3 scid 0x0041

< ACL data: handle 12 flags 0x00 dlen 16
    0000: 0c 00 01 00 03 05 08 00  40 00 41 00 00 00 00 00  ........@.A.....

> HCI Event: Number of Completed Packets (0x13) plen 5
  0000: 01 0c 00 02 00                                    .....

> ACL data: handle 12 flags 0x02 dlen 16
    L2CAP(s): Config req: dcid 0x0040 flags 0x00 clen 4
      MTU 895 

< ACL data: handle 12 flags 0x00 dlen 18
    0000: 0e 00 01 00 05 06 0a 00  41 00 00 00 00 00 01 02  ........A.......
    0010: 7f 03                                             ..

< ACL data: handle 12 flags 0x00 dlen 16
    0000: 0c 00 01 00 04 03 08 00  41 00 00 00 01 02 f5 03  ........A.....?.

> HCI Event: Number of Completed Packets (0x13) plen 5
  0000: 01 0c 00 02 00                                    .....

> ACL data: handle 12 flags 0x02 dlen 18
    L2CAP(s): Config rsp: scid 0x0040 flags 0x00 result 0 clen 4
      MTU 1013 

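At this point, the payloads delivered by the device vary drastically between runs, and much less within a single run. I have put the rest of the log on Pastebin for brevity: link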

Recommended answer

Yes, Bluetooth encrypts data over the air. And yes, this applies to ACL data. But the data you are seeing over the HCI interface is already decrypted. Your problem is that you don't know how to interpret the ACL data stream. There are a couple levels of protocol on top of ACL data. Unless your device documents their protocol, you may be out of luck. It's most likely that they are running SPP (serial port profile) or RFCOMM to talk to the Android app. So you have the following nested protocol layers to decode: SPP -> RFCOMM -> L2CAP -> ACL data.

It is also possible that your device/app do additional application level encryption on top of SPP. In that case, you're out of luck.
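
To illustrate the first layer of that nesting, here is an added example (not part of the original question or answer) that decodes the raw `<` ACL payloads from the dump above as L2CAP frames. The function name `parse_l2cap` is hypothetical; the command codes are the standard L2CAP signalling codes, and the sample bytes are copied from the hcidump output in the question.

```python
import struct

# L2CAP signalling command codes on CID 0x0001 (Bluetooth Core Specification).
SIG_CODES = {
    0x01: "Command Reject", 0x02: "Connection Request",
    0x03: "Connection Response", 0x04: "Configure Request",
    0x05: "Configure Response", 0x06: "Disconnection Request",
    0x07: "Disconnection Response", 0x0A: "Information Request",
    0x0B: "Information Response",
}

def parse_l2cap(hex_dump):
    """Parse one ACL payload, given as the hex bytes hcidump prints."""
    raw = bytes.fromhex(hex_dump)
    if len(raw) < 4:
        raise ValueError("shorter than the 4-byte L2CAP basic header")
    length, cid = struct.unpack_from("<HH", raw, 0)
    payload = raw[4:4 + length]
    frame = {"cid": cid, "length": length, "complete": len(payload) == length}
    if cid != 0x0001:
        # Dynamic channel: payload belongs to the upper layer (SDP, RFCOMM, ...).
        frame["payload"] = payload
        return frame
    frame["commands"] = []
    off = 0
    while off + 4 <= len(payload):
        code, ident, clen = struct.unpack_from("<BBH", payload, off)
        data = payload[off + 4:off + 4 + clen]
        cmd = {"code": SIG_CODES.get(code, hex(code)), "id": ident}
        if code == 0x03 and len(data) >= 8:
            keys = ("dcid", "scid", "result", "status")
            cmd.update(zip(keys, struct.unpack_from("<HHHH", data)))
        elif code == 0x0A and len(data) >= 2:
            cmd["info_type"] = struct.unpack_from("<H", data)[0]
        else:
            cmd["data"] = data
        frame["commands"].append(cmd)
        off += 4 + clen
    return frame

# Samples copied from the "<" lines of the hcidump output in the question.
CONNECT_RSP = "0c 00 01 00 03 02 08 00  40 00 40 00 01 00 00 00"
INFO_REQ = "06 00 01 00 0a 01 02 00  02 00"

if __name__ == "__main__":
    for sample in (CONNECT_RSP, INFO_REQ):
        print(parse_l2cap(sample))
```

The payloads parse as well-formed L2CAP signalling in cleartext, which is consistent with the answer's point that data seen at the HCI interface has already been decrypted by the controller.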
