Browse > Article
http://dx.doi.org/10.30693/SMJ.2019.8.3.9

ECDH based authentication protocol for the Apple Bonjour protocol  

Kwon, Soonhong (상명대학교 프로토콜공학연구실)
Lee, Jong-Hyouk (상명대학교 프로토콜공학연구실)
Publication Information
Smart Media Journal / v.8, no.3, 2019 , pp. 9-16 More about this Journal
Abstract
Apple provides its own protocol, the Bonjour protocol, for convenient file transmission and reception between device. Airdrop is a Bonjour-based, representative service that is widely used as a simple data transmission/reception protocol for Apple's desktops, laptops and smartphones. However, it was demonstrated in Black Hat, a hacking security conference in 2016, that it is possible to commence a Man-in-the-Middle attack by exploiting the Bonjour protocol's weak points. In this paper, we explain the Bonjour protocol's such vulnerability for secure file transmission/reception between devices and propose an ECDH (Elliptic Curve Diffie-Hellman) based authentication protocol to enhance the protocol's security. The proposed protocol is described along with detailed operational procedures, demonstrating that it is possible to reduce the possibility of Man-in-the-Middle attack and its masquerade variant.
Keywords
Bonjour protocol; Airdrop; ECDH protocol; Man-in-the-Middle attack; Masquerade attack;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 F. Siddiqui, S. Zeadally, T. Kacem, and S. Fowler, "Zero Configuration Networking: Implementation, performance, and security," Computers & electrical engineering, vol. 38, no. 5, pp. 1129-1145, 2012.   DOI
2 iOS Security. https://www.apple.com/business/docs/site/iOS_Security_Guide.pdf (accessed Jun., 2019).
3 Bonjour Operations. https://developer.apple.comb/library/archive/documentation/Cocoa/Conceptual/NetServices/Articles/NetServicesArchitecture.html (accessed June, 2019).
4 X. Bai, et al., "Staying Secure and Unprepared: Understanding and Mitigating the Security Risks of Apple ZeroConf," 2016 IEEE Symposium on Security and Privacy (SP), pp. 655-674, San Jose, USA, 2016.
5 Y.J. Song, et al., "Analysis of Airdrop Packets and Known Vulnerabilities," Proc. of Symposium of the Korean Institute of communications and Information Sciences, pp. 987-988, June, 2018.
6 S.H. Kim, "Comparison and analysis on efficiency of scalar multiplication for Elliptic Curve Cryptosystem", M. S. dissertation, Korea Maritime and Ocean University graduate school, Busan, 2003.
7 S.h. Kwon, et al., "Simple Challenge-Response Authentication for Apple's Bonjour Protocol," Proc. of Symposium of the Korean Institute of communications and Information Sciences, pp. 989-990, June, 2018.
8 J.N. Kim, "Implementation of Virtualization-based Domain Separation Security Platform for Smart Devices," Smart Media Journal, vol. 5, no. 4, pp. 116-123, 2016.
9 W.J. Joe, H.J. Shin, and H.S. Kim, "A log visualization method for network security monitoring," Smart Media Journal, vol. 7, no. 4, pp. 70-78, 2018.