Bluetooth Low Energy Makes “Just Works” Not Work

摘要

BLE (Bluetooth Low Energy) is being heavily deployed in many devices and IoT (Internet of Things) smart applications of various fields, such as medical, home automation, transportation and agriculture. It has transformed the classic Bluetooth into a technology that can be embedded into resource constrained devices running on a cell coin battery for months or years. Most BLE devices that are sold in the market use the Just Works pairing mode to establish a connection with peer devices. This mode is so lightweight that it leaves the implementation of security to application developers and device manufacturers. Unfortunately, as the market does not want to pay for security, a number of vulnerable smart devices are strolling around in the market. In this paper, we discuss how Bluetooth devices that use the Just Works pairing mode can be exploited to become nonoperational. We conduct a case study on three different Bluetooth smart devices. We show how these devices can be attacked and abused to not work properly. We also present a vulnerability that is due to the behavior of BLE smart devices and the Just Works pairing mode. This vulnerability can be exploited to generate an attack that affects BLE availability. We propose a solution to mitigate the attack.