Paper in a peer-reviewed international conference
Secure protocol buffers for Bluetooth Low-Energy communication with wearable devices
Internet of Things, Bluetooth Low-Energy, Security, Privacy, Protocol Buffers
Miguel Francisco, Samih Eisa, Miguel L. Pardal
IEEE International Symposium on Network Computing and Applications (NCA). Online conference. 2021
Wearable devices are further connecting people to the world, extending the reach of smartphones and the Internet. New applications are possible such as activity and location tracking that allows health monitoring and increased access to health services. Bluetooth Low-Energy (BLE) is a pivotal technology for this vision, as it allows power-efficient network connections to smartphones and to service infrastructure. However, there are design flaws and implementation vulnerabilities in BLE that affect the most widely used chipsets and operating systems. In this paper, we present POSE, an end-to-end security layer, that can mitigate attacks on BLE pairing and link-layer communications. POSE uses protocol buffers for efficient message data serialization/deserialization and, on top of them, provides message confidentiality and authenticity, including message freshness. POSE was implemented and its processing time, packet overhead, and CPU usage were evaluated. The results show that POSE is an efficient solution for secure communication with wearables and other constrained devices, especially when they already use protocol buffers.