SECURITY ELEMENTS AND CONSIDERATIONS OF BLUETOOTH 5

According to the report in (INSTRUMENTS, 2020), the vulnerabilities facing BLE 5.0 is deemed very high and more so due to the various benefits and capabilities of Bluetooth 5.0 technology, which has made it a primary communication medium of choice for connected devices, as opposed to Wi-Fi.  The increased bandwidth and connection distance has been a source of vulnerability, because attackers can access Bluetooth connections from a long distance away, and with fast data transfer speed, can wreak havoc without notice. According to NIST report, (NIST, 2012) common areas of vulnerabilities in traditional Bluetooth 5.0 are as follows:

• Lack of end to end security
• No user authentication
• Insecure storage of link keys
• Discoverable devices

The lack of end to end security is a major vulnerability of the traditional BLE system. The current system implements individual link encryption, with message decryption at intermediate points on the communication link that could lead to man in the middle attacks (MITM), also the absence of application and user level authentication as a default in the Bluetooth specification is also an area of vulnerability, as the currently offered device level authentication isn’t sufficient nor impervious to malicious attacks, possibility of data corruption during improper synchronization, potential for loss of data stored on an IIoT device if stolen are all very critical.

Man in the middle (MITM) attacks can be mitigated by the deployment of user input passkeys, although passkey linking isn’t applicable for applications without a keypad or a display, passkeys are also not well suited for passive eavesdropping attacks. Passive eavesdropping attacks are attacks which are a little different from man in middle attacks, in that the eavesdropper doesn’t intend to change or impersonate data; rather he/she sits idly, while gathering information. (INSTRUMENTS, 2020) Surmises that at least 80% of all Bluetooth enabled smart devices are vulnerable to man in the middle attacks (MITM).

Data transmission over the Bluetooth 5.0 uses AES-CCM encryption, where this encryption takes place in the Bluetooth controller. Bluetooth low energy encryption security modes are of two types; namely the LE security mode 1 and the LE security mode 2 as shown in fig 3.

LE security mode 1 has four security levels, namely the no security (no authentication, no encryption mode), the unauthenticated pairing with encryption, the authenticated pairing with encryption and lastly the Authenticated LE Secure Connections pairing with encryption using a 128-bit strength encryption key. Where, each security level satisfies the requirements for the level below it.

LE security modes /levels and their associated characteristics are depicted in fig 4.

In LE security mode 2, it consists of two security levels, namely the unauthenticated pairing with data signing and the authenticated pairing with data signing. It is mainly used for transferring data between two devices on an unencrypted connection.

Elliptic Curve Diffie-Helman cryptography is used for key exchange in Bluetooth LE Secure Connections, according to the Bluetooth Specification Version 5.0. This helps protect against passive eavesdropping but may be susceptible to Man in the Middle (MITM) attacks. However to prevent that, random passkey generation is recommended each time pairing is initiated, where the ‘master’ and ‘slave’ device will each generate a 128-bit random number, which will serve as a temporary key (TK).

According to (Walter, 2005), obvious threats to information security are those concerning data while being transmitted over a network. Examples of some of these security threats for WANs and LANs are but not limited to; wire tapping – physical attempt to breach a communication medium for the sole purpose of data interception and malware injection, masquerading – an entity that pretends to be another entity, modification of messages- altering of transmitted data without being detected,  replay of messages – an attempt to repeat messages in order to result into something undesirable, denial of service  – a node fails to perform its proper function or acts in a way that prevents other nodes from performing their proper functions, trapdoors and Trojan horses – When an entity is modified to allow an attacker to produce an unauthorized effect on command or at a predetermined event.

The use of additional security protocols asides using firewalls are also encouraged, where examples of these are; the use of WPA or WPA2 for password encryption on all traffic incoming or outgoing to the internet, filtering of traffic using detailed knowledge of trusted sources, this is usually achieved using specialized authentication policies, using tunnel technologies such as VPN, packet control through different areas of the OSI model, MAC address trust protocol, and internal security features such as antivirus and antimalware programs.

As much as the use and deployment of virtual personal networks (VPN) helps to provide some form of security over a WAN network, it is advisable to adopt software defined –WAN, which is a centralized network control system that enables agile, real-time application traffic management without overhauling an existing WAN. SD-WANs also enable access to cloud applications without causing the data bottlenecks a traditional WAN would.

ENTERPRISE NETWORK DEVICE SECURITY

Security for cloud based services can be classified into three areas of vulnerabilities. The physical security protocol, establishes protocols for the protection of physical assets at a geographical location, infrastructure security, establishes protocols for the ensuring that security patches are updated as soon as possible, ports are scanned for abnormal behavior and data and access security deals with data encryption and user privileges control.

Cloud services are remotely hosted , run and managed by leading tech companies, and this sometimes give the false belief that it is impervious to security challenges. (Fred, 2018) highlights some security challenges that cloud services face such as; data breaches, human errors, data loss with no backup, insider threats, DDoS attacks, insecure API’s, exploits, account hijacking, advanced persistent threats and meltdowns.

While there are numerous benefits to using a cloud based service such as Amazon cloud services (AWS) and Microsoft azure, they take security seriously and try to implement some protocols that protect data transmitted and stored on their infrastructure.

AWS adopts isolation as its main security mantra (Sarapremashish, 2020), this ensures that customers cannot access any other resource within their network unless they explicitly enable such access. Isolation is achieved by accounts, which are completed islanded from each other , except in cases where customers has inter-service access. However despite this isolative security tact, AWS still implements security groups such as firewalls, granular identity and access management (IAM). AWS provides lots of security tools, such as AWS Config, CloudWatch, CloudTrail, GuardDuty, Macie, and Security Hub. Dependability is another AWS asset as it regularly exhibits rock-solid performance and consistency

Microsoft Azure on the other hand is its adoption of an azure active directory which is the singular platform for authorization and permissions management, but it still has some vulnerability as ports and destinations are left open and exposed to the internet, during default initiation.

According to (Michael, 2020), Microsoft has more than 3,500 cybersecurity experts working to keep Azure secure and an extensive threat intelligence operation that includes analysis of 18 billion Bing web pages, 400 billion emails, a billion Windows device updates, and 450 billion monthly authentications.  The azure system also improves its security by ensuring tight controls on setting up user accounts, where they restrict the opening of multiple accounts with the same domain email.

(To read the full article click here)