| 摘要 |
The invention disclosed provides an improved Bluetooth™system with increased security and privacy for“device association”(“pairing”) of two Bluetooth™devices where one device has no display. Heretofore, only Secure Simple Pairing (SSP) Association Model“Just Works”is used if one device is display-less. Unfortunately, Just Works is vulnerable to exploits known as“Man-In-The-Middle”(MITM) attacks. By contrast, my invention implements uses Numeric Comparison (heretofore, unusable when one of the pairing devices are display-less). Numeric Comparison is more secure than Just Works, because both agree to a randomly-generated 6-digit number. My innovation allows display-less Bluetooth™devices (headsets or ear buds) to pair with display-bearing devices, because the matching 6-digit number on the displaying device is“spoken”or sounded (voice recordings, beeps, tones) into a displayless device user's ear. This allows displayless device users to hear sounds (spoken or beeped) equivalent to displayed 6-digit numbers to facilitate comparison, matching, and secure Bluetooth pairing. This reduces or eliminates risk of MITM exploits.
|
