
1 Bluetooth Low Energy Security Manager CSOS 홍성화

2 Contents
–Security Manager Introduction
–Security Properties
–Cryptographic Functions
–Security Manager Protocol

3 Security Manager Introduction Security Manager

4 Security Manager Introduction
Asymmetrical Architecture
–Memory, Processing: Central role (Initiating Device) > Peripheral role (Responding Device)
–Optimize the power consumption

5 Security Manager Introduction
Security Breaches
–Passive Eavesdropping
–Man-in-the-Middle (MITM)
  Active Eavesdropping
–Tracking
[Figure: devices A and B, and an Attacker]

6 Security Properties
Pairing Methods
–Just Works
–Passkey Entry
–Out of Band
Security Manager provides 3 types of security
–Authenticated MITM protection
  Passkey Entry, OOB
–Unauthenticated No MITM protection
  Just Works
–No security

7 Cryptographic Functions
Security Manager provides the 4 functions
–Security Function e
  128 bit AES, data encryption
–Random address Function ah
  Generate hash value for resolvable private address
–Confirm Value Generation Function c1
  Generate confirm value
–Key Generation Function s1
  Generate the Short Term Key(STK) during the pairing process

8 Security Manager Protocol
Pairing is a 3 phase process
–Phase 1. Pairing Feature Exchange
–Phase 2. Short Term Key(STK) Generation
–Phase 3. Transport Specific Key Distribution(Option)

9 Security Manager Protocol
–SMP Command
  L2CAP CID 0x0006
–Time Limit (30 seconds)

10 Security Manager Protocol
Phase 1: Pairing Feature Exchange
–Exchange capability Information, Pairing Method
IO Capability
–Decide the pairing method
OOB Authentication Data
Encryption Key Size
–7byte ~ 16byte
Repeated Attempts

IO Capability mapping:

Input capability    No Output          Numeric Output
No Input            NoInputNoOutput    DisplayOnly
Yes/No              NoInputNoOutput    DisplayYesNo
Keyboard            KeyboardOnly       KeyboardDisplay

11 Security Manager Protocol
Phase 1 Pairing Feature Exchange
–Security Request
–Pairing Request
–Pairing Response

12 Security Manager Protocol
Phase 1 Pairing Feature Exchange
–Pairing Request

13 Security Manager Protocol
Phase 1 Pairing Feature Exchange
–Pairing Response
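
Added example, not part of the original slides: a small auditor for a captured Phase 1 exchange that parses the Pairing Request and Pairing Response, derives the pairing method both sides will select, and reports whether it is authenticated and what key size was negotiated. It assumes the 7-byte PDU layout and the LE legacy pairing IO-capability mapping from the Bluetooth Core Specification (the slide figures are not in this transcript); function names and sample PDUs are constructed for illustration.

```python
# Added example: audit a captured SMP Phase 1 exchange (LE legacy pairing).
IO_CAPS = ["DisplayOnly", "DisplayYesNo", "KeyboardOnly",
           "NoInputNoOutput", "KeyboardDisplay"]   # IO Capability values 0x00..0x04
JW, PK, OOB = "Just Works", "Passkey Entry", "Out of Band"
# Assumption: legacy pairing mapping from the Bluetooth Core Specification.
# Rows = responder IO capability, columns = initiator IO capability.
MAPPING = [
    [JW, JW, PK, JW, PK],   # responder DisplayOnly
    [JW, JW, PK, JW, PK],   # responder DisplayYesNo
    [PK, PK, PK, JW, PK],   # responder KeyboardOnly
    [JW, JW, JW, JW, JW],   # responder NoInputNoOutput
    [PK, PK, PK, JW, PK],   # responder KeyboardDisplay
]

def parse_pairing_pdu(pdu: bytes, expected_code: int) -> dict:
    """Parse a 7-byte Pairing Request (0x01) or Pairing Response (0x02)."""
    if len(pdu) != 7 or pdu[0] != expected_code:
        raise ValueError("unexpected SMP PDU")
    _, io, oob, auth_req, key_size, _init_keys, _resp_keys = pdu
    if io >= len(IO_CAPS):
        raise ValueError("reserved IO capability value")
    if not 7 <= key_size <= 16:              # slide 10: 7 to 16 bytes
        raise ValueError("encryption key size outside 7..16 bytes")
    return {"io": io, "oob": oob == 0x01,
            "mitm": bool(auth_req & 0x04), "key_size": key_size}

def audit_phase1(req_pdu: bytes, rsp_pdu: bytes) -> dict:
    """Return the pairing method both sides will select and its properties."""
    req = parse_pairing_pdu(req_pdu, 0x01)
    rsp = parse_pairing_pdu(rsp_pdu, 0x02)
    if req["oob"] and rsp["oob"]:
        method = OOB
    elif not (req["mitm"] or rsp["mitm"]):
        method = JW                          # neither side asked for MITM protection
    else:
        method = MAPPING[rsp["io"]][req["io"]]
    return {"method": method,
            "authenticated": method != JW,   # Just Works gives no MITM protection
            "key_size": min(req["key_size"], rsp["key_size"])}

# Constructed sample PDUs (not captured traffic).
REQ = bytes.fromhex("01040005100707")         # KeyboardDisplay, MITM requested, 16-byte key
RSP_NO_IO = bytes.fromhex("02030001100707")   # NoInputNoOutput responder
RSP_DISPLAY = bytes.fromhex("02000005070707") # DisplayOnly responder, 7-byte key

if __name__ == "__main__":
    print(audit_phase1(REQ, RSP_NO_IO))
    print(audit_phase1(REQ, RSP_DISPLAY))
```

The first sample shows that an initiator requesting MITM protection still ends up with Just Works when the responder has no input or output; the second shows a Passkey Entry pairing whose negotiated key is only 7 bytes.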

14 Phase 2 : Short Term Key(STK) Generation
–TK
  Encrypt the link, generate the STK
  Generated by each device based on the pairing method (Just Works, Passkey Entry, Out of Band)

15 Security Manager Protocol
Phase 2 STK Generation
–Pairing Confirm
  128bit value
–Pairing Random
–Pairing Failed

16 Phase 3 : Transport Specific Key Distribution(Option)
–Master and Slave distribute the key to each other.
Long Term Key(LTK)
–128bit key. For encrypted connection
Encrypted Diversifier(EDIV) and Random Number
–EDIV : 16bit value, Rand : 64bit value
–Identify the LTK
Identity Resolving Key(IRK)
–128bit key. Resolve Random Address
Public Device Address or Static Random Address
Connection Signature Resolving Key(CSRK)
–Send 12byte signature after the data PDU. Verify signatures on the receiving side
–128bit key

17 Security Manager Protocol Phase 3 : Transport Specific Key Distribution(Option)

18 Security Manager Protocol

