Journal of Computer Science and Technology


Side-Channel Analysis for the Re-keying Protocol of Bluetooth Low Energy

Pei Cao (曹培), Chi Zhang (张驰), Xiang-Jun Lu (陆相君), Hai-Ning Lu (陆海宁), and Da-Wu Gu* (谷大武), Distinguished Member, CCF, Member, ACM   

  1. School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240, China
  • Contact: Da-Wu Gu
  • About author: Da-Wu Gu is a distinguished professor at the School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai. He received his B.S. degree in applied mathematics in 1992, his M.S. degree in 1995, and his Ph.D. degree in 1998, the latter two both in cryptography, all from Xidian University of China, Xi'an. His research interests include crypto algorithms, crypto engineering, and system security. He leads the Laboratory of Cryptology and Computer Security (LoCCS) at SJTU, Shanghai. He was a winner of the Chang Jiang Scholars Distinguished Professors Program of the Ministry of Education of China in 2014. He won the National Award of Science and Technology Progress in 2017. He has published over 150 scientific papers in academic journals and conferences, and holds 28 innovation patents.

In the era of the Internet of Things, Bluetooth Low Energy (BLE/BTLE) plays an important role as a well-known wireless communication technology. While the security and privacy of BLE have been analyzed and fixed several times, the threat of side-channel attacks to BLE devices is still not well understood. In this work, we highlight a side-channel threat to the re-keying protocol of BLE. This protocol uses a fixed long term key for generating session keys, and the leakage of the long term key could render the encryption of all the following (and previous) connections useless. Our attack exploits the side-channel leakage of the re-keying protocol when it is implemented on embedded devices. In particular, we present successful correlation electromagnetic analysis and deep learning-based profiled analysis that recover long term keys of BLE devices. We evaluate our attack on an ARM Cortex-M4 processor (Nordic Semiconductor nRF52840) running Nimble, a popular open-source BLE stack. Our results demonstrate that the long term key can be recovered with only a small number of electromagnetic traces. Further, we summarize the features and limitations of our attack, and suggest a range of countermeasures to prevent it.



Key words: Bluetooth Low Energy; long term key; re-keying protocol; side-channel analysis


ISSN 1000-9000(Print)

CN 11-2296/TP
