How to prevent spoofing of iBeacons?

2

6

As far as I can tell, there is nothing to restrict any developer from programming their beacon to use a particular UUID, major, minor or identifier.

In the event I create an iBeacon with a UUID of "foo", what is to prevent another developer from creating a beacon with the same ID and (either accidentally or maliciously) causing my app to display incorrect data?

Have I misunderstood how iBeacons work? Please correct me if I'm wrong.

Marotta answered 22/2, 2014 at 13:54 Comment(0)
5

This is absolutely true. I have both spoofed the Apple Store's iBeacons (to prove this point) and had my beacons spoofed by Make magazine for the Consumer Electronics Show Scavenger Hunt.

This is not a flaw at all. You just need to design an app that uses iBeacons so spoofing is relatively inconsequential. If you design your app so it doesn't much matter, who cares?

The specific security mechanisms appropriate to counter this depend on the app in question, but there are countless possibilities.

For the CES Scavenger hunt, for example, we simply kept an audit log with timestamps so we'd know if somebody found all the targets impossibly quickly. In the end nobody did this -- our participants were all good sports!

Leeuwarden answered 22/2, 2014 at 18:12 Comment(2)
I think that if enough people spoof your beacons, then the quality of your app can appear to be very poor, because it could have wrong information. Effectively it becomes a shouting problem - whoever shouts louder would be the only ones heard :) (Whoever deploys more beacons, or more powerful transmitters). Perhaps you've already figured out a way to counter this, but so far I don't think my solutions are "elegant". I still need to test my solutions out to see how well they work. - Marotta
One solution to this problem is to configure your identifiers dynamically in the app using a service like my company's proximitykit.com. If somebody aggressively spoofs your iBeacons, you can then change the identifiers without re-releasing the app. This could become a back and forth if somebody really wants to sabotage you. But it is far easier to do a DDOS attack on a server, so I doubt this will ever be more than exceedingly rare. It is just too much work for a saboteur. - Leeuwarden
1

You can't prevent spoofing of the advertisement packet because there is no central authority that issues universal unique identifiers (UUIDs). UUIDs are arbitrarily assigned to a beacon and are not actually guaranteed to be unique.

However, once you have paired your handheld with the beacon, the picture is different. You can program a beacon (or, more specifically, a beacon-like device) to generate absolutely unique information when paired, such as a one-time password or some private-key encrypted handshaking between your app and the paired beacon.

The typical process flow would be:

  1. handset detects iBeacon broadcast, reads UUID + Major/Minor.

  2. handset launches your app (using the didEnterRegion event).

  3. your app requests to pair with the beacon, sends it a command to generate an encrypted response.

  4. your app decrypts the response. If successful, display a happy face! If failure, display a sad face.

Moving forward, I suspect that most beacon systems will be implemented this way. Unless and until the iBeacon standard is updated to accommodate encryption, it will have to be a hybrid approach of ping + pair.

Ahoufe answered 1/12, 2014 at 19:30 Comment(6)
From RFC 4122: Uniform Resource Name namespace for UUIDs (Universally Unique IDentifier), also known as GUIDs (Globally Unique IDentifier). A UUID is 128 bits long, and can guarantee uniqueness across space and time. - Fastness
You can assign the same UUID to all your beacons. - Ahoufe
Yes you can, you can use the same password on every site. But if you don't purposely assign the same UUID they will be different. - Fastness
@Zaph I think that you are not understanding the question that is being answered here. The question was how to prevent spoofing. The answer is, you can't because UUID and MAC addresses can be arbitrarily changed. If you have a way to prevent spoofing, please share it with us, because it would be very useful! - Ahoufe
But iBeacons are transmit only devices, correct? They can't receive data. So I don't see how to implement this approach. - Selfexcited
Yes, iBeacon is a transmit-only device. I was talking about a hybrid device (Bluetooth Smart) that can broadcast in iBeacon mode, but can also pair and do data transfer in both directions. StickNfind is an example of such a device. - Ahoufe
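
Steps 3 and 4 of the ping + pair flow in the answer above, sketched as an added example (not code from the original post or from any beacon vendor). It assumes an HMAC-SHA256 challenge-response with a per-device secret, which is one possible form of the handshake the answer mentions; every name, the key and the identifiers are constructed for illustration.

```python
import hashlib
import hmac
import secrets
import struct
import uuid

# Constructed sample values (assumptions, not taken from the page).
BEACON_UUID = uuid.UUID("00000000-0000-4000-8000-000000000001")
MAJOR, MINOR = 1, 42
DEVICE_KEY = bytes(range(32))  # per-device secret, provisioned out of band


def identity_bytes(beacon_uuid, major, minor):
    """Advertised identity, bound into the MAC so a response
    cannot be reused for a different UUID/major/minor."""
    return beacon_uuid.bytes + struct.pack(">HH", major, minor)


def beacon_respond(key, challenge, beacon_uuid, major, minor):
    """Device side (hypothetical firmware logic): prove possession
    of the key for this challenge and this advertised identity."""
    msg = challenge + identity_bytes(beacon_uuid, major, minor)
    return hmac.new(key, msg, hashlib.sha256).digest()


class Verifier:
    """Holds the key and accepts each issued nonce at most once."""

    def __init__(self, key):
        self._key = key
        self._pending = set()

    def challenge(self):
        # Step 3: fresh random nonce sent to the paired device.
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    def verify(self, nonce, response, beacon_uuid, major, minor):
        # Step 4: reject unknown or already-used nonces (replay),
        # then compare MACs in constant time.
        if nonce not in self._pending:
            return False
        self._pending.discard(nonce)
        expected = beacon_respond(self._key, nonce, beacon_uuid, major, minor)
        return hmac.compare_digest(expected, response)
```

A device that only copies the advertised UUID, major and minor fails `verify` because it cannot compute the MAC. A key shipped inside the app binary can be extracted, so the `Verifier` role is better placed on a server the app relays to.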
