TY - GEN
T1 - Assessing pairing and data exchange mechanism security in the wearable internet of things
AU - Lotfy, Kerolos
AU - Hale, Matthew L.
PY - 2016/12/16
Y1 - 2016/12/16
N2 - The consumer wearable economy is a rapidly growing sector with an ever increasingly number of use cases mostly focused on the quantified self. Whether used for fitness tracking, mobile health monitoring, or as remote controllers for connected smartphone apps, wearables typically come equipped with a wide variety of different sensors such as accelerometers, pulsometors, and thermometers to capture data such as, respectively, the user's movements, heart-rate, and temperature. Once data is captured it is then typically wirelessly transmitted, using Bluetooth LE (low energy) to an awaiting smartphone. Since the data may be sensitive and/or personally identifiable, it is critical that this exchange and the pairing mechanisms used to set up the connection remain secure and resilient to eavesdropping attacks. This paper empirically evaluates the data exchange mechanisms of a variety of major commercial wearable products to determine if, and how well, the products live up to this security constraint. As part of this effort, the work also investigates the three different types of Bluetooth LE pairing strategies at a packet and protocol level. The results show presumably secure pairing strategies have glaring security vulnerabilities that affect all of the devices examined. In addition to this publication, efforts are underway to report these vulnerabilities to US-CERT.
AB - The consumer wearable economy is a rapidly growing sector with an ever increasingly number of use cases mostly focused on the quantified self. Whether used for fitness tracking, mobile health monitoring, or as remote controllers for connected smartphone apps, wearables typically come equipped with a wide variety of different sensors such as accelerometers, pulsometors, and thermometers to capture data such as, respectively, the user's movements, heart-rate, and temperature. Once data is captured it is then typically wirelessly transmitted, using Bluetooth LE (low energy) to an awaiting smartphone. Since the data may be sensitive and/or personally identifiable, it is critical that this exchange and the pairing mechanisms used to set up the connection remain secure and resilient to eavesdropping attacks. This paper empirically evaluates the data exchange mechanisms of a variety of major commercial wearable products to determine if, and how well, the products live up to this security constraint. As part of this effort, the work also investigates the three different types of Bluetooth LE pairing strategies at a packet and protocol level. The results show presumably secure pairing strategies have glaring security vulnerabilities that affect all of the devices examined. In addition to this publication, efforts are underway to report these vulnerabilities to US-CERT.
KW - Bluetooth
KW - Internet of things
KW - Man-in-the-middle attacks
KW - Pairing
KW - Security
KW - Vulernability discovery
KW - Wearables
UR - http://www.scopus.com/inward/record.url?scp=85010301225&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85010301225&partnerID=8YFLogxK
U2 - 10.1109/MobServ.2016.15
DO - 10.1109/MobServ.2016.15
M3 - Conference contribution
AN - SCOPUS:85010301225
T3 - Proceedings - 2016 IEEE International Conference on Mobile Services, MS 2016
SP - 25
EP - 32
BT - Proceedings - 2016 IEEE International Conference on Mobile Services, MS 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2016 IEEE 5th International Conference on Mobile Services, MS 2016
Y2 - 27 June 2016 through 2 July 2016
ER -