Basic Search / Detailed Display

Author: 鄭偉祥
Vincentius - Randy Christianto
Thesis Title: Secure BLE-based Authentication for Micropayment using Wearable Device
Secure BLE-based Authentication for Micropayment using Wearable Device
Advisor: 羅乃維
Nai-Wei Lo
Committee: 楊傳凱
Chuan-Kai Yang
Yuan-Cheng Lai
Degree: 碩士
Department: 管理學院 - 資訊管理系
Department of Information Management
Thesis Publication Year: 2016
Graduation Academic Year: 104
Language: 英文
Pages: 46
Reference times: Clicks: 120Downloads: 3
School Collection Retrieve National Library Collection Retrieve Error Report

  • In this era, people use various technologies as their main tools to perform work and support their daily needs and life activities. A lot of new technologies have been developed and shown to the world. The Internet of Things (IoT) is an innovative technological phenomenon that involves physical objects or "things" such as smart watches, smart bands, smart glasses, being embedded with electronic sensors and connected to the Internet, thereby achieving greater value and providing better service. Bluetooth Low Energy (BLE) is a wireless personal area network technology that provides new design, increased capability, lower power consumption, and lower cost compared to previous Bluetooth technology. BLE gives developers the ability to incorporate new functionalities into IoT devices. For example, sensors in a smart watch can monitor a wearer's heart rate.
    In this thesis, we propose a newly designed small payment system using BLE-based technology embedded in wearable devices. We also develop a convenient scenario for people to perform a small payment process using BLE-based wearable devices. The proposed processing system is shown to be both effective and secure.

    Abstract I Acknowledgement II Contents III List of Figures V List of Tables VI Chapter 1 Introduction 1 Chapter 2 Related Work 5 2.1 Bluetoooth Low Energy (BLE) 5 2.2 Micropayment Mechanism 6 2.3 Authentication Scheme using Bluetooth Low Energy (BLE) 8 Chapter 3 System Environment and Design 11 3.1 Assumptions 11 3.2 Applicable Scenario 12 3.3 System Architecture 14 Chapter 4 BLE-based Authentication Protocol 18 4.1 The Proposed Protocol 18 4.2 Prototype Design 24 4.3 Implementation and Experiments 29 Chapter 5 Security Analysis 33 5.1 Security against attacks before BLE connection 33 5.2 Security against attacks within an authentication session 34 Chapter 6 Conclusion 36 References 38 Appendix A Prototype Pseudocodes 43 A.1 Initialization of Wearable Device to establish a connection 43 A.2 Initialization of Wearable Payment Counter for waiting for connection to a Wearable Device 44 A.3 The function to process the Hash Function with Session Key 46

    [1]Atzori, L. et al. 2010. The Internet of Things: A survey. Computer Networks. 54, (2010), 2787–2805. DOI=
    [2]Miorandi, D. et al. 2012. Internet of things: Vision, applications and research challenges. Ad Hoc Networks. 10, 7 (Sep. 2012), 1497–1516. DOI=
    [3]Freescale Overcoming the Size and Power Trade off in Wearable Designs.
    [4]Processor IP Enabling the Wearable Trend: 2014. Accessed: 2015-05-21.
    [5]Mi Band - Mi Singapore: - 05. Accessed: 2015-08-26.
    [6]Wearable Payments: Failure in 2011, Success in 2015? Accessed: 2015-07-13.
    [7]Bluetooth SIG 2014. Bluetooth Core Specification Version 4.2.
    [8]Bluetooth Smart: Accessed: 2015-07-12.
    [9]Dementyev, A. et al. 2013. Power consumption analysis of Bluetooth Low Energy, ZigBee and ANT sensor nodes in a cyclic sleep scenario. 2013 IEEE International Wireless Symposium (IWS) (Apr. 2013), 1–4. DOI=
    [10]100 Swedish Eurocard Customers Test Mobile Payment With Mobile Telephones Equipped With Bluetooth: 2001. Accessed: 2015-08-05.
    [11]Eurocard to test wireless payment in Swedish stores: 2001. Accessed: 2015-08-05.
    [12]Finextra news: Ericsson and Eurocard to test Bluetooth payments: 2001. Accessed: 2015-08-05.
    [13]Hedman, J. and Henningsson, S. 2012. Competition and collaboration shaping the digital payment infrastructure. Proceedings of the 14th Annual International Conference on Electronic Commerce - ICEC ’12 (New York, New York, USA, Aug. 2012), 178–185. DOI=
    [14]Zolfaghar, K. and Mohammadi, S. 2009. Securing Bluetooth-based payment system using honeypot. 2009 International Conference on Innovations in Information Technology (IIT) (Dec. 2009), 21–25. DOI=
    [15]Nan, J. et al. 2009. A mobile Micropayment Protocol Based on Chaos. 2009 Eighth International Conference on Mobile Business. DOI=
    [16]Xu, J. et al. 2013. Pairing and Authentication Security Technologies in Low-Power Bluetooth. 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing (Aug. 2013), 1081–1085. DOI=
    [17]Saravanan, K. and Yuvaraj, D. 2010. An new secure mechanism for bluetooth network. 2010 The 2nd International Conference on Computer and Automation Engineering (ICCAE) (Feb. 2010), 202–205. DOI=
    [18]Xin, Y. and Ting, Y. A Security Architecture Based on User Authentication of Bluetooth. 2009 International Forum on Information Technology and Applications. DOI=
    [19]Xu, G. L. and Yu, B. Security Enhanced Design of the Bluetooth Simple Pairing Protocol. 2011 International Conference on Computer Science and Network Technology. DOI=
    [20]Diallo, A.S. et al. 2014. A Secure Authentication Scheme for Bluetooth Connection. 2014 International Conference on Computer and Communication Engineering (Sep. 2014), 60–63. DOI=
    [21]Bluetooth 4.0: Low Energy: 2010. Accessed: 2015-06-16.
    [22]WiFi Jammer - Bluetooth Jammer - WiFi Blocker Wholesales: Accessed: 2015-08-21.
    [23]WiFi Jammers, Bluetooth blockers, 2.4 GHz 5 GHz signal jamming devices: Accessed: 2015-08-21.
    [24]WiFi Signal Jammer - Bluetooth Signal Jammer - WiFi Signal Blocker Wholesales: Accessed: 2015-08-21.
    [25]Yu, B. and Li, H. 2008. Research and Design of One Key Agreement Scheme in Bluetooth. 2008 International Conference on Computer Science and Software Engineering (2008), 665–668. DOI=
    [26]Blass, E.-O. et al. 2009. PSP. Proceedings of the 8th ACM workshop on Privacy in the electronic society - WPES ’09 (New York, New York, USA, Nov. 2009), 51. DOI=
    [27]Gaur, A. and Ondrus, J. 2012. The role of banks in the mobile payment ecosystem. Proceedings of the 14th Annual International Conference on Electronic Commerce - ICEC ’12 (New York, New York, USA, Aug. 2012), 171–177. DOI=
    [28]Hedman, J. and Henningsson, S. 2012. Competition and collaboration shaping the digital payment infrastructure. Proceedings of the 14th Annual International Conference on Electronic Commerce - ICEC ’12 (New York, New York, USA, Aug. 2012), 178–185. DOI=
    [29]Lehdonvirta, V. et al. 2009. UbiPay. Proceedings of the 6th International Conference on Mobile Technology, Application & Systems - Mobility ’09 (New York, New York, USA, Sep. 2009), 1–7. DOI=
    [30]Oracle Java Platform (JDK), Java SE Library.
    Accessed: 2015-12-15.