3

Is there any material improvement/difference in BLE security controls/requirements in BLE 5.0 spec as compared to BLE 4.2 spec?

I skimmed through the BLE bits in the huge Bluetooth 5.0 core spec but that didn't help.

I am aware that there are significant security control improvements/additions in BLE 4.2 vs its predecessors BLE 4.0/4.1.

schroeder
ricky pan

2 Answers

1

You'll find that most of these attacks still work in both BLE 4.2 and BLE 5.0 -- https://security.stackexchange.com/a/100444/140

As the last link in the comments alludes to, some BLE 5.0 is implemented in both firmware and hardware while others don't have the firmware capability to push a formerly-4.x device to 5.0.

It also notes that Bluetooth is commonly-imperfectly implemented.

atdre
  • 1
    I don't believe that is correct. For example, BLE 4.2 introduced "LE Secure Connection" pairing methods which mitigate attacks on link layer pairing through Crackle. Crackle works on legacy pairing methods like Just Works and Passkey. I need to know if BLE 5.0 has further improvements from 4.2 or is it primarily the same from a security point of view. – ricky pan Jan 05 '18 at 10:01
  • You have all of the answers including that one within the links. Yes, 4.2 uses Passkey Entry protocol but can also use OOB. However, there are non-theoretical attacks (besides Crackle) against OOB and all of 4.2 (see this link -- https://pomcor.com/2015/06/03/has-bluetooth-become-secure/ -- and comments therein). 5.0 only appears to add more bandwidth and new battery-usage types -- not security-related. I could be wrong, but that's my analysis so far. – atdre Jan 05 '18 at 11:16
0

I looked up the various changes for Bluetooth between 5, 5.1 and 5.2 with regards to security:

It turns out that there are no security-specific improvements since Bluetooth 4.2.

parsley72