How exactly does Bluetooth paring work? What is communicated between each device during the pairing process?
I was told if you had device-A wanting to pair with device-B:
A sends a 'unique key' to device B on some wavelength/frequency
B returns an 'echo' back to A, and hence the devices pair.
+-----+ key +-----+
| | ----> | |
| A | | B |
| | <---- | |
+-----+ echoed +-----+
This seems to be inaccurate, so would anyone be able to either expand further or actually explain how/what is communicated to result in a successful pairing of the devices?
I was thinking of incorporating some of this research into a final year project (University), but would at least need to know the something of the Bluetooth programming pairing first.
Any help would be much appreciated in describing how these initial communications work.
I've heard of terms such as 'parked mode', and 'passive mode' within my research, but am yet to find any 'useful' information in the programming behind the design, (and hence I have asked this question). The likes of googling this type of topic is also quite difficult as it seems to bring up stuff like 'how to turn your bluetooth on' pages, and not the design of the programming behind it.
Bluetooth Secure Simple Pairing uses Elliptic Curve Diffie Hellman (ECDH) public key cryptography with approximately 95 bits of entropy using the FIPS approved P192 elliptic curve.
E:y2=x3 +ax+b(modp)
The following parameters are given:
The prime modulus p, order r, base point x-coordinate Gx, base point y- coordinate Gy.
The integers p and r are given in decimal form; bit strings and field elements are given in hex.
p = 6277101735386680763835789423207666416083908700390324961279
r = 6277101735386680763835789423176059013767194773182842284081
b = 64210519 e59c80e7 0fa7e9ab 72243049 feb8deec c146b9b1
Gx = 188da80e b03090f6 7cbf20eb 43a18800 f4ff0afd 82ff1012
Gy = 07192b95 ffc8da78 631011ed 6b24cdd5 73f977a1 1e794811
There are five phases of Secure Simple Pairing:
1. Public key exchange
Each device generates its own Elliptic Curve Diffie-Hellman (ECDH) public-private key pair.
2. Authentication Stage 1
1 of 3 protocol options is chosen by the connecting devices based on the IO capabilities of the two devices. These are:
Numeric Comparison,
Out-of-Band,
Passkey Entry
3. Authentication Stage 2
Each device confirms that both devices have successfully completed the exchange as stipulated by which of protocol was chosen and used in the previous step.
4. Link key calculation
A link key is computed from the derived shared key and the publicly exchanged data. This is the numeric code shown to the user.
5. LMP Authentication and Encryption
The encryption keys are generated. The devices are successfully connected.
Further Reading:
Bluetooth user Interface Flow Diagrams for Bluetooth Secure Simple Pairing Devices (PDF)
Bluetooth Core Complete Specification v4.0 vol0 (ZIP/PDF)
the core specification is 138 pages and to fully answer your question would take at least 20 so to fully answer your question you'll need to read the references
A trusted relationship is established between the devices using a numerical password, commonly referred to as a passkey. Depending on how often one Bluetooth device connects to another, the user might opt to have the passkey saved for future connection attempts or prompt to enter the passkey each time the devices request communication with each other.
Read more : http://www.ehow.com/how-does_4964578_bluetooth-pairing-work.html
For two devices to have the ability to pair, they must share the same bluetooth profile. The following is from the official Bluetooth website:
Pairing devices
Not all Bluetooth enabled devices are designed to be paired. Logically, there's no reason to connect a wireless mouse to a wireless headset. You should be able to pair a Bluetooth enabled headset to a Bluetooth enabled phone, or a Bluetooth enabled mouse to a Bluetooth enabled computer.
If you're not sure whether the two devices you want to connect are designed to be paired with each other, make sure their Bluetooth profiles match.
Related
According to the Bluetooth 5.2 manual, pages 1641-1642, Table 2.8, Numeric Comparison pairing should be used in cases when both devices have a display. These displays can be used to show confirm Yes/No prompts on both devices as part of authentication. (Figure 2.3, page 1648). However, from the perspective of protocol message exchange sequences for Numeric Comparison, it appears that even if one of the devices does not have display IO the Numeric Comparison pairing can be used. In particular, instead of displaying the passcode on both of the devices, it can be displayed on one of the devices (assume device A) and the other device (assumer device B) merely enters the same passcode through the keypad. The internally generated same passcode (Va=Vb) can be matched with entered passcode on device B and can be confirmed Yes/No prompt on device B. The rest of the procedure can be followed as the standard method (Passkey Entry pairing, page 1652, Figure 2.5).
Is there anything wrong with my understanding here? Is there any security implication of using Numeric Comparison pairing with devices not having displays?
I'm trying to detect whether a contactless enabled smartcard or a mobile device equipped with ApplePay, Google Pay, or Samsung Pay was used for a contactless EMV transaction.
I have been researching via the EMV books, and there seems to be a tag 9F6E provides this sort of data:
EMV Book 3 - VISA
EMV Book 4 - MasterCard
Questions:
VISA provides a 4 byte value in the field 9F6E, but I can't find a list of possible values and their meanings anywhere. The EMV book says "out of scope". Is there anyway to reliably convert this to a known form factor?
MasterCard provides data 2 bytes for the form factor, but I'm seeing values that I don't undestand (32 31 ascii = 21). Is there a list of values and meanings somewhere for these?
Is there an easy way to understand if CDCVM has been used for a given contactless transaction, so that I could separate contactless transactions from contactless with CDCVM transactions?
Google Pay is using cloud-based payments while Apple is using an embedded secure element. You can find this tag on 9F6E form factor on Visa. However, it might be different for Master Card or Amex.
To fix this correctly, you might want to check the EMV tag 9F19 which returns to the token requestor ID. Check EMV payment tokenization for this spec. Token requestor ID looks like this:
MasterCard
50110030273 – APPLE_PAY
50120834693 – ANDROID_PAY
50139059239 – SAMSUNG_PAY
Visa
40010030273 – APPLE_PAY
40010075001 – ANDROID_PAY
40010043095 – SAMSUNG_PAY
40010075196 – MICROSOFT_PAY
40010075338 – VISA_CHECKOUT
40010075449 – FACEBOOK
40010075839 – NETFLIX
40010077056 – FITBIT_PAY
40010069887 – GARMIN_PAY
Refer the below documents. You will require Visa Online and MasterCard connect access to get these.
VCPS_2.2 Spec
M/ChipRequirements For Contact and Contactless Spec
check in CVM and CVR inside 9F10
I believe it is also possible to detect if the transaction was performed by a mobile device by using tag 0x82 (Application Interchange Profile). I believe this is a better approach because it will be the same regardless of card brand (as long as the card brand in question followed EMVCo's spec correctly.
Here is a link to EMV Co Contactless Book.
https://www.emvco.com/wp-content/uploads/2017/05/C-4_Kernel_4_v2.6_20160512101635327.pdf
Screenshot Of Desired Table
Check Bit 7 (second most significant bit) of Byte 2 (Rightmost Byte). If it is 1 it came from a mobile device. The Application Interchange profile will always be 2 Bytes.
My teachers use a small device, with a press on the only button the device shows a code of numbers.
When they want to change my grades they login to the school system using this code.
NO I DO NOT WANT TO HACK IT ;)
I'd like to know how this sort of code is generated and afterwards how it is authenticated?
Sounds like the device is used for two factor authentication.
RSA makes one type of these devices. Here is a link to more information on it: RSA SecurID
#Mart Haarman, The SecurID is not based on time. It used 128 bit RSA algorithm, has a seed value which is a random generated number embedded in the device and mapped to the device serial number.
Is it possible to search for all iBeacons which are nearby? I know it's possible to search iBeacons by UUID. But i want to find all iBeacons nearby.
An iBeacon is a region, and has as defining property the UUID. Therefore, you can only search for the ones matching a UUID.
After you find one or more with a specific UUID, you can figure out which is closest using the delegate callbacks, where the beacons are stored in an array ordered by distance.
There is great sample code on this and also a pretty detailed WWDC video session: "What's new in Core Location"
iBeacons are higher-level constructs than regular BLE peripherals. From what can be determined from the Apple docs, beacons are tied to their service UUID. i.e., a family of beacons is a "region" and a you go into and out of a region based on the range and visibility of a beacon to YOU, not the other way around. Unfortunately Apple has used the term region, which most of us probably associate with MapKit, so this is adding to the general confusion
Here's the bad news: You can only scan for ProximityUUIDs that you know, there is no "wildcard" proximityUUID. Additionally, CLBeacons don't expose the much in the way of lower level CoreBluetooth guts so if you want to find all beacons that happen to be near you, you'll have to use CoreBluetooth, scan for peripherals, then look though the returned peripheries and query each one them to find beacons. Of course Apple has neither registered (with the Bluetooth SIG) or (yet) published the iBeacon characteristics so, you'll need a BT sniffer to reverse engineer what constitutes an iBeacon from any other BLE device.
each APP would use it's own specific UUID, using the "major" and "minor" integer values to differentiate between beacons.
for example, the UUID would be associated with a chain of shops, major would identify the shop, and minor the aisle, or even a group of products.
scanning for unknown UUID's would not be very useful, as your app would not know what to do with the information.
the UUID is generated once and for all, using the "uuidgen" command in the terminal.
sadly there is no protocol to actually communicate with beacons, hence there is no standard to get the location of a beacon, or any other useful info.
it would have been so much better if we could open a connection to a beacon, usually the closest one, and obtain additional data from it, without having to be on the same WIFI network.
you either have to use bonjour to communicate with the device over WIFI, or use the major and minor id to obtain data from a webservice of some kind.
Unfortunately you cannot at this time search for an arbitrary iBeacon without first knowing the proximityUUID value. I've tried writing directly to COREBluetooth and, although you can discover and connect to transmitting beacons in your area, what you get back is jibberish with no relation to the BLE UUID. So you can't even confirm that the peripheral you have connected to is in fact an iBeacon.
This does not appear to be a limitation of the BLE spec, rather it is a limitation that has been imposed by Apple. It also appears that this limitation does not exist for the Android platform.
Until this gap is closed, Android will have a significant advantage over iOS in this area.
I disagree with previous comments that scanning for UUIDs would be useless. On the contrary, if you knew the beacon UUID, you could create a map of beacon/location/subject in the cloud and use it to navigate (assuming the beacon was fixed) using a web service. You could crowd-source the data so that eventually a very rich database of beacon UUID/location pairs would be available to all who wanted to write location apps. Perhaps this is why Apple is hiding the info; they may be holding this back for their own purposes.
According to Radius Networks (authors of the AltBeacon spec and the android-beacon-library it's not possible to identify a beacon using CoreBluetooth
This is a question purely to satisfy my own curiosity.
Here in Norway it's common for netbanks to use a calculator-like (physical) dongle that all account holders have. You type your personal pin in the dongle and it generates an eight-digit code you can use to login online. The device itself is not connected to the net.
Anyone knows how this system works?
My best guess is that each dongle has a pregenerated sequence of numbers stored. So the login process will fail if you type an already used number or a number that is too far into the future. It probably also relies on an internal clock to generate the numbers. So far none of my programmer peers have been able to answer this question.
[Edit]
In particular I'm curious about how it's done here in Norway.
Take a look here: http://en.wikipedia.org/wiki/Security_token. If you are interested in the algorithms, these might be interesting: http://en.wikipedia.org/wiki/Hash_chain and http://en.wikipedia.org/wiki/HMAC.
TOKENs have very accurate real-time clock, and it is synced with same clock on the auth server. Real time is used as a seed along with your private key and your unique number is generated and verified on the server, that has all the required data.
One major one-time password system is Chip and PIN, in which bank cards are inserted into special, standalone card readers that accept a PIN and output another number as you describe. It is widely deployed in the UK.
Each bank card is a smart card. The card's circuitry is what checks the PIN and generates the one-time password. Cryptographic algorithms that such cards can use include DES, 3DES (Triple DES), RSA, and SHA1.
I recently went overseas and used the dongle there with no problems.
It is a sealed battery powered dongle. One pushes the button and a code number appears.
The only way it could work is that it is time synchronised to the bank.The number that is recruited only lasts for a minute if that.
A random number generator is used to create the stream of numbers recorded in the memory of the device.
It therefore becomes unique for the user and only the bank 'knows' what that random number generator produced for that particular user and dongle.
So there can only be one next number .
If the user makes a mistake, the bank 'knows' they are genuine because the next try is the next sequential number that is in the memory.
If the dongle is stolen the thief also has to have the other login details to reach the account.