Bluetooth Low Energy (BLE) is a promising short-range communication technology for the Internet of Things (IoT) with reduced energy consumption. Vendors implement BLE protocols in their manufactured devices in compliance with the Bluetooth Core Specification. Recently, several vulnerabilities were discovered in the BLE protocol implementations of a few specific products via a manual approach. Considering the diversity and usage of BLE devices as well as the complexity of BLE protocols, we have developed a systematic and comprehensive testing framework, which, as an automated and general-purpose approach, can effectively fuzz any BLE protocol implementation.
Our framework runs in a central device and tests a BLE device when the latter gets connected to the central as a peripheral. Our framework incorporates a state machine model of the suite of BLE protocols and monitors the peripheral’s state through its responses. With the state machine and current state of the central, our framework either sends malformed packets or normal packets at a wrong time, or both, to the peripheral and awaits an expected response. Anomalous behaviours of the peripheral, e.g., a non-compliant response or unresponsiveness, indicate potential vulnerabilities in its BLE protocol implementation. To maximally expose such anomalies for a BLE device, our framework employs an optimization function to direct the fuzzing process. As of today, we have tested 12 devices from eight vendors and four IoT products, with a total of 11 new vulnerabilities discovered and 13 new Common Vulnerability Exposure (CVE) IDs assigned. We call this set of vulnerabilities SWEYNTOOTH, which highlights the efficacy of our framework.
Bluetooth Low Energy (Bluetooth LE, colloquially BLE, formerly marketed as Bluetooth Smart) is a wireless personal area network technology designed and marketed by the Bluetooth Special Interest Group (Bluetooth SIG) aimed at novel applications in the healthcare, fitness, beacons, security, and home entertainment industries. It is independent of classic Bluetooth and is not compatible with it, but BR/EDR and LE can coexist. The original specification was developed by Nokia in 2006 under the name Wibree, which was integrated into Bluetooth 4.0 in December 2009 as Bluetooth Low Energy.
Compared to Classic Bluetooth, Bluetooth Low Energy is intended to provide considerably reduced power consumption and cost while maintaining a similar communication range. Mobile operating systems including iOS, Android, Windows Phone and BlackBerry, as well as macOS, Linux, Windows 8 and Windows 10, natively support Bluetooth Low Energy.
Bluetooth Low Energy is distinct from the previous (often called "classic") Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol, but the two protocols can both be supported by one device: the Bluetooth 4.0 specification permits devices to implement either or both of the LE and BR/EDR systems. Bluetooth Low Energy uses the same 2.4 GHz radio frequencies as classic Bluetooth, which allows dual-mode devices to share a single radio antenna, but uses a simpler modulation system.
In 2011, the Bluetooth SIG announced the Bluetooth Smart logo so as to clarify compatibility between the new low energy devices and other Bluetooth devices. Bluetooth Smart Ready indicates a dual-mode device compatible with both classic and low energy peripherals. Bluetooth Smart indicates a low energy-only device which requires either a Smart Ready or another Smart device in order to function. With the May 2016 Bluetooth SIG branding information, the Bluetooth SIG began phasing out the Bluetooth Smart and Bluetooth Smart Ready logos and word marks and reverted to using the Bluetooth logo and word mark in a new blue color.
The Bluetooth SIG identifies a number of markets for low energy technology, particularly in the smart home, health, sport and fitness sectors.
low power requirements, operating for “months or years” on a button cell; compatibility with a large installed base of mobile phones, tablets and computers.
In 2001, researchers at Nokia determined various scenarios that contemporary wireless technologies did not address.