... | ... | @@ -5,8 +5,6 @@ By the Briar Team |
|
|
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
|
|
|
# Table of Contents
|
|
|
|
|
|
- [Public Mesh Research](#public-mesh-research)
|
|
|
- [Table of Contents](#table-of-contents)
|
|
|
- [Motivation](#motivation)
|
|
|
- [Transport Layers](#transport-layers)
|
|
|
- [Prologue](#prologue)
|
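Review bot: the block under the `DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE` comment shrinks from 8 lines to 6 in this hunk, so please confirm it is regenerated doctoc output and not a hand edit. If entries such as `[Public Mesh Research]` or `[Table of Contents]` were dropped on purpose, note the doctoc options used so the next run produces the same list.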
... | ... | @@ -21,7 +19,7 @@ By the Briar Team |
|
|
- [Summary](#summary)
|
|
|
- [Bluetooth](#bluetooth)
|
|
|
- [Resources](#resources)
|
|
|
- [BLE](#ble)
|
|
|
- [Bluetooth Low Energy (BLE)](#bluetooth-low-energy-ble)
|
|
|
- [Security](#security)
|
|
|
- [Pairing Fix](#pairing-fix)
|
|
|
- [Existing Library](#existing-library)
|
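Review bot: the TOC entry changes from `#ble` to `#bluetooth-low-energy-ble`, which changes the section's anchor, so any link that still targets `#ble` (elsewhere in this document or from other pages) will stop resolving. Search for `#ble` before merging, or keep an explicit anchor for the old name next to the renamed heading.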
... | ... | @@ -179,25 +177,25 @@ The accessibility of Bluetooth API's on most modern day smartphones makes Blueto |
|
|
|
|
|
Background information about Bluetooth:
|
|
|
|
|
|
1. Bluetooth Low Energy
|
|
|
- Bluetooth Low Energy
|
|
|
|
|
|
<https://punchthrough.com/how-gap-and-gatt-work/>
|
|
|
|
|
|
<https://www.oreilly.com/library/view/getting-started-with/9781491900550/ch04.html>
|
|
|
|
|
|
<https://github.com/weliem/blessed-android>
|
|
|
|
|
|
<https://software-dl.ti.com/lprf/simplelink_cc2640r2_sdk/1.35.00.33/exports/docs/ble5stack/ble_user_guide/html/ble-stack/l2cap.html#l2cap-connection-oriented-channel-coc-example>
|
|
|
|
|
|
<https://code.briarproject.org/briar/public-mesh-testbed/-/tree/blessed-gatt>
|
|
|
- <https://punchthrough.com/how-gap-and-gatt-work/>
|
|
|
|
|
|
- <https://www.oreilly.com/library/view/getting-started-with/9781491900550/ch04.html>
|
|
|
|
|
|
- <https://github.com/weliem/blessed-android>
|
|
|
|
|
|
- <https://software-dl.ti.com/lprf/simplelink_cc2640r2_sdk/1.35.00.33/exports/docs/ble5stack/ble_user_guide/html/ble-stack/l2cap.html#l2cap-connection-oriented-channel-coc-example>
|
|
|
|
|
|
- <https://code.briarproject.org/briar/public-mesh-testbed/-/tree/blessed-gatt>
|
|
|
|
|
|
- Bluetooth "classic", specifically RFCOMM
|
|
|
|
|
|
2. Bluetooth "classic", specifically RFCOMM
|
|
|
- <https://developer.android.com/guide/topics/connectivity/bluetooth>
|
|
|
|
|
|
- <https://code.briarproject.org/briar/public-mesh-testbed/-/tree/bt-classic>
|
|
|
|
|
|
<https://developer.android.com/guide/topics/connectivity/bluetooth>
|
|
|
|
|
|
<https://code.briarproject.org/briar/public-mesh-testbed/-/tree/bt-classic>
|
|
|
|
|
|
### BLE
|
|
|
### Bluetooth Low Energy (BLE)
|
|
|
|
|
|
Bluetooth Low Energy is a separate protocol from Bluetooth Classic that is designed to reduce the energy consumption during use, without greatly impacting functional range.
|
|
|
|
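Review bot: the resource links into `public-mesh-testbed` point at branch heads (`/-/tree/blessed-gatt`, `/-/tree/bt-classic`), so the code a reader lands on can drift away from what this document describes; pin them to a tag or commit. With the list converted from numbered items to bullets, also check in the raw Markdown that the URL bullets are indented under `Bluetooth Low Energy` and `Bluetooth "classic", specifically RFCOMM`, otherwise they render as siblings of those items instead of children.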
... | ... | @@ -223,7 +221,7 @@ We have found that the open source Bluetooth library, [BLESSED](https://github.c |
|
|
|
|
|
#### Android Permissions
|
|
|
|
|
|
On a mobile device, a public mesh Bluetooth service needs to be able to run uninterrupted in the background, and also need to be able to make bluetooth advertisements and connections in the background. To do this, all of the Bluetooth Low Energy based branches of the testbed application request the following permissions:
|
|
|
On a mobile device, a public mesh Bluetooth service needs to be able to run uninterrupted in the background, and also need to be able to make Bluetooth advertisements and connections in the background. To do this, all of the Bluetooth Low Energy based branches of the testbed application request the following permissions:
|
|
|
|
|
|
<uses-permission
|
|
|
android:name="android.permission.ACCESS_COARSE_LOCATION"
|
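Review bot: the sentence touched for the `Bluetooth` capitalisation still reads "and also need to be able to make Bluetooth advertisements", which should be "also needs" to agree with "a public mesh Bluetooth service"; fix it in the same change. Since the permission list that follows starts with `android.permission.ACCESS_COARSE_LOCATION`, a one-line reason per permission would help readers judge why a Bluetooth service asks for location access.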
... | ... | @@ -355,8 +353,7 @@ At its core, peer discovery is similar to the approach listed in the BLESSED sec |
|
|
Because each peripheral has a limited number of read characteristics, protocols built on top of this strategy should prioritize quicker, more frequent connections rather than long lasting data transfers.
|
|
|
|
|
|
A central connects to a peripheral by first by reading the peripheral's allocator characteristic, and confirming it is not already reading from that peripheral. On the connection, the central gives the peripheral it's SESSION<sub>ID</sub>, which is then added to the peripheral's allocator characteristic. By reading this update, the central receives information on which read characteristic to read from. The full handshake as implemented in `blessed-gatt-allocator-vuln` and `blessed-gatt-allocator-pairfix` is outlined below:
|
|
|
[TODO allocator diagram]
|
|
|
|
|
|

|
|
|
It can be noted that this has been a GATT-only protocol so far, the reasoning behind this is that GATT has much greater support among Android devices, especially devices running older hardware. This allocator system allows for an L2CAP-like abstraction to be made on top of regular GATT reads and writes, and this abstraction could also support L2CAP (and potentially other transport layers like Local Service Discovery) under the hood for devices that support it.
|
|
|
|
|
|
#### Notes
|
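Review bot: the diagram that replaces `[TODO allocator diagram]` is embedded with the alt text `image`, so the handshake the paragraph calls "outlined below" exists only as a picture and cannot be read, searched or diffed. Give it descriptive alt text and add a short numbered list of the handshake steps, including where `blessed-gatt-allocator-vuln` and `blessed-gatt-allocator-pairfix` differ, since that difference is what a reader needs to review. While in this paragraph, "by first by reading" and "it's SESSION<sub>ID</sub>" should be "by first reading" and "its SESSION<sub>ID</sub>".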
... | ... | @@ -614,4 +611,4 @@ TODO insert figma designs |
|
|
- <https://www.usenix.org/legacy/events/hotsec10/tech/techAbstracts.html#Aviv> and <https://www.cs.swarthmore.edu/~aviv/papers/aviv-priv_humanets.pdf>
|
|
|
- <https://dtn7.github.io/> and <https://github.com/RightMesh/Terra/> and <https://github.com/NodleCode/dtn7-kotlin/>
|
|
|
- <https://www.netlab.tkk.fi/~jo/papers/2014-04-wons-liberouter.pdf> and <http://liberouter.mobi/> and <https://blog.apnic.net/2018/12/18/librerouter-powering-community-networks-with-free-and-open-hardware/> and <https://research.aalto.fi/en/publications/opportunistic-networking-applications-from-theory-to-practice>
|
|
|
- <http://www.servalproject.org/> |
|
|
- <http://www.servalproject.org/> |
|
|
\ No newline at end of file |
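Review bot: both versions of the `<http://www.servalproject.org/>` line look identical here and the hunk still ends with "No newline at end of file", so this appears to be a whitespace-only change that leaves the file without a final newline. End the file with a newline so this line stops showing up in later diffs.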