一种基于X3DH优化协议的轻量化BLE安全配对方案  

作　　者：骆森林 黄卓[2] 吴希航 汪凤翔 LUO Senlin;HUANG Zhuo;WU Xihang;WANG Fengxiang(School of Advanced Manufacturing,Fuzhou University,Fuzhou University,Quanzhou,Fujian 362251,China;Quanzhou Equipment Manufacturing Research Center,Haixi Institutes,Chinese Academy of Sciences,Quanzhou,Fujian 362221,China;College of Mechanical and Electrical Engineering Fujian Agriculture and Forestry University,Fuzhou,Fujian350002,China)

机构地区：[1]福州大学先进制造学院,福建泉州362251 [2]中国科学院海西研究院泉州装备制造研究中心,福建泉州362221 [3]福建农林大学机电工程学院,福建福州350002

出　　处：《福州大学学报(自然科学版)》2025年第1期17-25,共9页Journal of Fuzhou University(Natural Science Edition)

基　　金：福建省科技重大专项资助项目(2022HZ028010);福建省科技计划项目-STS计划配套资助项目(2021T3064)。

摘　　要：针对低功耗蓝牙(BLE)标准配对协议仍然存在无法抵御中间人(MITM)攻击、窃听攻击等安全问题,提出一种基于X3DH优化协议的轻量化BLE安全配对方案.在不安全的网络环境下对X3DH协议进行安全性分析,通过采取用户配置公钥和提供双向签名认证等措施对该协议进行优化改进,有效防止攻击者分别与合法的主/从设备建立共享密钥进而实施攻击.在优化的X3DH协议基础上,结合该协议原有的前向安全性和保密性,设计了BLE配对的系统方案,确保BLE设备安全可靠地建立连接.最后,通过分析对比该方案与BLE标准SSP协议、原X3DH协议方案的安全性,进行性能分析和实验验证,证明本方案是安全的、轻量化的.As the bluetooth low energy(BLE)standard pairing protocol still has security issues,such as being unable to resist man-in-the-middle(MITM)attacks and eavesdropping attacks,this paper proposes a lightweight BLE secure pairing scheme based on the optimized X3DH protocol.Conducts a security analysis on the X3DH protocol in an unsafe network environment,and optimizes and improves the protocol by taking measures such as user-configured public keys and providing two-way signature authentication,effectively prevents attackers from establishing a shared key with legitimate master/slave devices respectively to carry out attacks.Based on the optimized X3DH protocol,combined with the inherent forward security and confidentiality of the protocol,designs a system scheme for BLE pairing to ensure that BLE devices can establish connections safely and reliably.Finally,by analyzing and comparing the security of this scheme with the BLE standard SSP protocol and the original X3DH protocol scheme,as well as performing performance analysis and experimental verification,proves that this scheme is safe and lightweight.

关 键 词：低功耗蓝牙 X3DH协议 攻击者 安全配对 轻量化 

分 类 号：TN918.9[电子电信—通信与信息系统]