Breaking News
News & Analysis

Is It Secure to Use BLE in Cars?

Bluetooth SIG working on security updates
4/29/2014 00:01 AM EDT
25 comments
NO RATINGS
1 saves
Page 1 / 2 Next >
More Related Links
View Comments: Newest First | Oldest First | Threaded View
<<   <   Page 2 / 3   >   >>
Bert22306
User Rank
CEO
Should not be a BLE problem
Bert22306   4/30/2014 4:20:15 PM
NO RATINGS
In short, when you set up an Internet account with your bank, are you having to involve your broadband provider in the process? Answer: no. It's all between your PC and your bank.

The Bluetooth Smart/Dumb interface should not need to become involved, except in cases where Transport Layer Security (TLS) is not feasible or too cumbersome. Same applies, for example, to WiFi. If you can use TLS or IPsec protocols over your WiFi, then the need for WiFi's own security layer is lessened considerably. (Mostly, WiFi's security protocol is used to prevent others from clogging up your broadband link, but not to prevent others from accessing your bank account!)

In this specific case, to lock/unlock the doors and to open windows, the automakers can simply use TLS between your own cellphone and the MCU that controls those functions. If this involves too much delay, the best bet by far is to install a faster MCU!!

AZskibum
User Rank
CEO
Re: Honk if you use Buetooth
AZskibum   4/30/2014 3:57:34 PM
NO RATINGS
I don't think it's feasible today without physical access to the vehicle. But when vehicles start including wireless networks, who knows?

y_sasaki
User Rank
CEO
Re: Honk if you use Buetooth
y_sasaki   4/30/2014 2:58:38 PM
NO RATINGS
@alex_m1, not exactly... legacy Bluetooth hops frequency in every 625usec, but Bluetooth LE use more static "channel selection" per-connection bases. It is still dynamically allocated, but not exactlly FH spectrum spreading.

JanineLove
User Rank
Blogger
Re: BLE security
JanineLove   4/30/2014 9:29:15 AM
NO RATINGS
I may be missing something here, but aren't they saying that the only security flaw is in the initial pairing? iF that's the case, can't careful pairing circumstances/measures solve this? Pairing is a one-time thing.

<<*if* they rely on BLE's built-in security and *if* the attacker is able to observe the user pairing with the phone.>>

alex_m1
User Rank
CEO
Re: BLE security
alex_m1   4/29/2014 4:30:39 PM
NO RATINGS
@Junko, since all those subsystems are connected to some power cable, why not justuse that for communication ?

alex_m1
User Rank
CEO
Re: Honk if you use Buetooth
alex_m1   4/29/2014 4:29:14 PM
NO RATINGS
@rick , bluetooth uses frequency hopping which has high reliability against intereference.

junko.yoshida
User Rank
Blogger
Re: Honk if you use Buetooth
junko.yoshida   4/29/2014 4:20:04 PM
NO RATINGS
@AZskibum, understood.

From an engineer's point of view, you think remotely commanding airbags is feasible. Correct?

AZskibum
User Rank
CEO
Re: Honk if you use Buetooth
AZskibum   4/29/2014 4:13:36 PM
NO RATINGS
Security should of course be a concern, but I think reliability is a far bigger concern. Having said that, I recently saw an episode of a TV drama in which a murder was committed by a hacker who remotely commanded his victim's airbags to deploy, causing a fatal crash. Food for thought as we march toward wireless connectivity in cars.

junko.yoshida
User Rank
Blogger
Re: Retro-fitting is always a hack
junko.yoshida   4/29/2014 4:06:01 PM
NO RATINGS
@DouglnRB, I am not sure. But my unerstanding is that they will put in some sort of mechanism in the BLE spec that would allow certain systems to use public key exchange such as Diffie-Hellmann.

junko.yoshida
User Rank
Blogger
Re: Honk if you use Buetooth
junko.yoshida   4/29/2014 3:29:54 PM
NO RATINGS
@Rick, it is true. Reliability is a big issue, when it comes to anything wireless.... But when I asked several experts about interference issues of BLE, I got their answers saying that they are little concerned. But security? Yes, they are worried.

<<   <   Page 2 / 3   >   >>
Flash Poll
Radio
LATEST ARCHIVED BROADCAST
EE Times editor Junko Yoshida grills two executives --Rick Walker, senior product marketing manager for IoT and home automation for CSR, and Jim Reich, CTO and co-founder at Palatehome.
Like Us on Facebook

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
EE Times on Twitter
EE Times Twitter Feed