Secure Bluetooth® connection by Endress+Hauser
A secure low energy technology for the process industry developed by Endress+Hauser
Convenient wireless access to field instruments is of increasing interest. Significant security risks emerge with the growing frequency with which instruments are accessed remotely. Developments in the Industrial Internet of Things are leading to interconnected process control components. Endress+Hauser has developed a security layer for Bluetooth® that protects the passwords, using CPace as its core-component. With CPace, the notorious attacks on the Bluetooth® pairing-step are prevented.
Bluetooth® security matters
Secure password-based user authentication plays a special role today, particularly when devices with wireless interfaces such as Bluetooth® are involved. As it is extremely difficult to protect passwords, Endress+Hauser's CPace uses a powerful PAKE technique which was derived from the PACE method used in German ID cards. With CPace, Bluetooth® connections to measuring instruments are always secure, even in cases where users have assigned relatively short passwords.
Bluetooth® security by Endress+Hauser is recommended by IETF
In 2020 CFRG, the Crypto Forum Research Group of the Internet standardization body IETF, chose the Endress+Hauser in-house solution CPace as winner (“Recommended for use in internet protocols”) as the result of a comprehensive security analysis. And independently, in 2016, the Munich-based Fraunhofer Institute AISEC classified the protection level of the Endress+Hauser Bluetooth® security extension as “high”.
Find out more in the Fraunhofer Institute evaluation security analysis.
Benefits
Increased usability, time efficiency and security of your plant when using Bluetooth® devices thanks to CPace
Secure use of passwords in industrial plants independent of the password length and availability of a complex PKI infrastructure by utilizing PAKE protocols
Usage independent of device type and power specifications due to verification of only one procedure
Prevention of phishing and man-in-the-middle attacks by using asymmetric cryptography
Stronger security than other solutions in standard use (e.g. pre-shared key) – Endress+Hauser solution recommended by IETF