2

I'm working on a C++ project that deals with data transmission. My system is composed of two different devices, that have to exchange sensitive data in a trusted mode. To do this I downloaded and set up the last bluez library (v5.50) on my Raspberry Pi.

  1. Is there any possibility to enable data encryption using the bluez API?

Googling around the possibility to use the BLE encryption mechanism I found discordant opinions. Someone suggests using it while others one discourage it in favor of application-level encryption exploiting, for instance, the Cripto++ library.

  1. Which is the best solution?

Thanks

Youssif Saeed
  • 11,789
  • 4
  • 44
  • 72
AV28
  • 67
  • 1
  • 9
  • I don't know much about Bluetooth, but if I had requirements for protecting sensitive data, then I would not rely on some link-level protocol and declare, "Job done!" I would study the _[threat model](https://en.wikipedia.org/wiki/Threat_model)_, and I would choose appropriate encryption algorithms, and ensure that my software (and maybe also hardware) were _[secure by design](https://en.wikipedia.org/wiki/Secure_by_design)_. You are opening a [huge can of worms](https://en.wikipedia.org/wiki/Computer_security) when you promise to protect your user's sensitive data. – Solomon Slow Jan 25 '19 at 16:48
  • @SolomonSlow thanks for your prompt replay. If I understand correctly link-layer encryption mechanism is not a correct solution. Anyway to give some new details about my system the Bluetooth connectivity is supposed to be used to send information about Wi-Fi ssid and password. So, do you suggest the use of a multi-level encryption mechanism? – AV28 Jan 26 '19 at 10:40
  • A person who has the technical skills and the time and the energy to eavesdrop on a Bluetooth link, is a person who may try other tricks to obtain your data. For example, if the bad guy can steal your device, he could use a [cold boot attack](https://en.wikipedia.org/wiki/Cold_boot_attack), or [other ways](https://en.wikipedia.org/wiki/Side-channel_attack#General) to get past the device's password protection. What I'm saying is, encrypting the data as it goes over the air is just one part of a larger data-security problem. – Solomon Slow Jan 26 '19 at 16:18

1 Answers1

3

My recommendation is to always have the connection encrypted. Please see this answer which explains the benefits and importance of encrypted connections vs open connections.

In regards to encrypted connections, you can easily do this by pairing with a device. In BLE, pairing allows connection packets to be encrypted. Using BlueZ, you can easily do this from the command line using the bluetoothctl command as follows:-

bluetoothctl
[bluetoothctl] connect 00:11:22:33:44:55
[bluetoothctl] pair 00:11:22:33:44:55

Beforehand, please ensure that your BlueZ device can perform/accept connections and pairing as follows:-

btmgmt connectable on
btmgmt bondable on
btmgmt io-cap 
btmgmt 3

The last command sets your IO capability to NoInputNoOutput, but you can change this to one of the following values:-

0       DisplayOnly
1       DisplayYesNo
2       KeyboardOnly
3       NoInputNoOutput
4       KeyboardDisplay

However, if you do that, you will need to pass the equivalent command line option when launching bluetoothctl as follows:-

bluetoothctl --agent KeyboardOnly
bluetoothctl --agent KeyboardDisplay
bluetoothctl --agent NoInputNoOutput
bluetoothctl --agent DisplayOnly

If you want to view the underlying API for this, please have a look at the BlueZ source code, and you can start with client/main.c for the connection and pairing commands.

Finally, as Solomon Slow indicated, if you are promising the protection of sensitive data then you should definitely go for multi-level encryption. In other words, the link should be encrypted, as well as the data before being sent in the software, and if your device supports hardware-level encryption, then do that as well.

For further reading on BLE Encryption, please visit the Bluetooth Specification Version 5.0, Vol 2, Part H, Section 1: Security Overview.

I hope this helps.

Youssif Saeed
  • 11,789
  • 4
  • 44
  • 72
  • @Yossif thanks for your response. I also spent some times to analyze the example code that you suggested to me, it was useful to start up the project. By the way, some things remain unresolved. In particular, could you suggest me some specific point in the bluez library to use link-layer encryption exploiting DBus? – AV28 Jan 28 '19 at 14:59
  • @AV28 Unfortunately I don't have much experience using the underlying DBUS API. However, a good point to start would be at the documentation directory here:- https://github.com/Vudentz/BlueZ/tree/master/doc – Youssif Saeed Jan 28 '19 at 17:30