by Pierre-Marcel Gnilka
Our product “APIIDA Mobile Authentication” uses Bluetooth Low Energy (BLE 4.1) as wireless communication technology. This allows an easy and comfortable pairing of smartphone and computer with help of one of the three connection methods- Just Works, Passkey Entry and OOB. Version 4.1 covers almost all mobile devices and enables a large number of users to use APIIDA Mobile Authentication.
The energy consumption of BLE is so low that the smartphone is hardly burdened. For comparison: A button battery can supply a BLE chip with sufficient power for several years so that it can send and receive data.
The standard encryption under BLE 4.1 is easy to decrypt with today’s hard-/software. It uses different keys, but all of them are based on a random number between 0 and 999.999. With the Just Works connection method, it is always 0, so you can crack the standard encryption with a simple guide from the Internet. Since security is a core issue at APIIDA Mobile Authentication, we have developed our own protocol: “APIIDA Mobile Authentication Protocol” (AMAP). This is based on symmetric encryption using the Advanced Encryption Standard (AES). In order to exchange the symmetric keys securely and quickly between the two parties, we use the protocol Elliptic-curve Diffie-Hellman (ECDH). Via an asymmetric crypto procedure it exchanges the symmetric key between smartphone and computer:
1 Martha and Tom agree on a public color (yellow).
2. Martha chooses orange as the secret color, Tom chooses turquoise.
3. Martha and Tom mix the public color and their respective secret ones.
4. Martha gets beige, Tom gets grey blue.
5. the new colours are exchanged (via an unsecure [buggable] line).
6. Martha mixes grey-blue and orange (her secret colour) and gets ochre brown as common secret colour.
7. Tom mixes beige and turquoise (his secret color) and gets ochre brown as common secret color
With this “common secret” we can encrypt BLE communication securely and reliably using AES.
Die Cookie-Einstellungen auf dieser Website sind auf "Cookies zulassen" eingestellt, um das beste Surferlebnis zu ermöglichen. Wenn du diese Website ohne Änderung der Cookie-Einstellungen verwendest oder auf "Akzeptieren" klickst, erklärst du sich damit einverstanden.