BlueBrothers: Three New Protocols to Secure Bluetooth

Abstract

Bluetooth is a pervasive wireless standard that, despite numerous revisions, remains vulnerable to multiple design-level security flaws. Specifically, its pairing and session establishment security protocols do not provide integrity protection, forward secrecy, or strong authentication mechanisms, enabling critical impersonation and man-in-the-middle attacks. These risks are compounded by complex and fragmented specifications, which hinder secure implementation and formal analysis. To address these issues, we present BlueBrothers, three new protocols to serve as a secure alternative to the current ones. BB-Pairing combines pairing and session establishment in a single protocol that provides integrity protection and robust user-assisted authentication. BB-Session establishes authenticated, secure sessions with forward secrecy guarantees. BB-Rekey provides forward and future secrecy within a session via a lightweight key-refresh mechanism. We model BlueBrothers in ProVerif and verify confidentiality, integrity, and entity-authentication properties. We implement the protocols on constrained nRF52 devices and evaluate performance against the Bluetooth baseline. Our results show up to a 59% reduction in latency with comparable energy consumption.