RESEARCH OF BLE 4.1 TECHNOLOGY USING UBERTOOTH ONE

Evgeny S. Semenov

Candidate of Sciences (Engineering), Associate Professor, Head of the Department of Telecommunication Systems,

Volgograd State University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Prosp. Universitetsky 100, 400062 Volgograd, Russian Federation

Alexander I. Trofimov

Student, Department of Telecommunication Systems,

Volgograd State University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Prosp. Universitetsky 100, 400062 Volgograd, Russian Federation

Vladimir G. Okunev

Student, Department of Telecommunication Systems,

Volgograd State University

This email address is being protected from spambots. You need JavaScript enabled to view it.

Prosp. Universitetsky 100, 400062 Volgograd, Russian Federation

Abstract. Bluetooth technology, widely used in devices like smartphones, headphones, and speakers, raises significant security concerns due to its prevalence. This study delves into Bluetooth Low Energy (BLE), an enhanced version of Bluetooth 4.0 designed for low-power devices. BLE operates at 2.400–2.4835 GHz, utilizing 40 channels but detecting traffic on only three. It employs AES-CCM encryption with a 128-bit key length for security. The research utilizes the Ubertooth One device, an open-source wireless development platform at 2.4 GHz suitable for Bluetooth experiments. Ubertooth One features an ARM Cortex-M3 microcontroller, 1 MHz bandwidth, and 1 mW transmitter power. The study involves traffic analysis using Wireshark, a tool supporting various network protocols and offering traffic sorting and filtering capabilities. To capture BLE traffic, a software channel is created with Wireshark using the ubertooth-btle command. Subsequently, Crackle software is employed to decrypt data by exploiting vulnerabilities in BLE pairing processes in versions 4.0–4.1. Crackle can derive temporary, short-term, and long-term keys from captured traffic to decrypt subsequent encrypted packets. The vulnerability exploited by Crackle is absent in BLE version 4.2 onwards due to the Secure Connection mode implementation. The experiment successfully captured BLE traffic, analyzed packet structures in Wireshark, and decrypted packets using Crackle, showcasing the importance of addressing security vulnerabilities in Bluetooth technologies. This study underscores the critical need for robust security measures in Bluetooth technologies to safeguard data integrity and confidentiality amidst the growing adoption of wireless communication devices.

Key words: Bluetooth, Bluetooth Low Energy, BLE, Ubertooth One, traffic analysis, Wireshark, Crackle, vulnerabilities.

Creative Commons License
This work is licensed under a 
Creative Commons Attribution 4.0 International License.
Attachments:
Download this file (4_Semenov, Trofimov, Okunev.pdf) 4_Semenov, Trofimov, Okunev.pdf
URL: https://ti.jvolsu.com/index.php/en/component/attachments/download/924
42 DownloadsUpdate this file (4_Semenov, Trofimov, Okunev.pdf)