Well, the following situation: Devices need to communicate offline. The only option is Bluetooth. Here, the issue is that Bluetooth's encryption is insecure and broken. See KNOB attack.
Therefore, I'm looking for a way to securely exchange data between two Bluetooth devices (e.g., Android and iOS). My current guess is to establish a TCP/IP connection to make use of typical SSL/TLS libraries with all their other advantages (certificate check etc.) and disable Bluetooth's encryption for a performance increase.
https://developer.android.com/reference/android/bluetooth/BluetoothSocket
Unfortunately, it appears that this idea is already not supported by Android. They do offer some sort of BluetoothSocket, but that is not a TCP/IP connection afaik. Does anyone know a way to enable a TCP/IP connection between two Bluetooth devices? Any other idea to secure that broken Bluetooth connection?
The answer is yes. Nevertheless, there is no usable API on Android (before Android 9 via reflection maybe) and it still has the hide annotation on Android 11 in its source code, besides the requirement of a special permission to be used by system apps only.
The only option is to enable Bluetooth tethering via system settings (if available). Next devices connecting over Bluetooth will get an IP address, while the smartphone acts as the router. Access to services on the smartphone is permitted.
I am developing a device that needs to communicate securely with an Android app via Bluetooth. I need only a predefined phone to be able to communicate with my device, for security reasons. And I also need to ensure that this is not an intruder device that is trying to communicate falsified data to the app.
Looking at Bluetooth specs, I had the impression the only way to do that is with out of band (OOB) authentication with a pre-provisioning temporary key (TK). This looked very promising but after trying to find how to use OOB on an Android app, it seems like it is not supported.
Is it still possible to use OOB authentication on Android?
If not, is there another alternative to solve my issue?
This is doable but it depends on the BLE peripheral that you are developing and the features that it supports. Namely, your device needs to support Whitelisting and bonding. This is how it should work.
Upon first connection to the BLE device, the BLE device should accept the connection regardless.
Once the connection is made, the central device (Android phone) needs to initiate bonding. This doesn't need to be Out of Band (OOB) bonding, and the standard Just Works bonding should do.
Once bonding is successful, the BLE peripheral should add the Android device's IRK to the list of whitelisted devices.
From this point onwards, the BLE peripheral will activate the whitelist, and therefore only devices in the whitelist will be able to connect to your BLE peripheral, and in your case it will be the Android phone that you used to make the very first connection.
It is not straightforward and requires an initial secure-less connection with the target phone, but if that is not an issue then this should work.
You can find more information about this in the links below:
Set and activate whitelist with Android phone
Android BLE server - allow only previously connected device to connect
Whitelisting with resolvable random addresses
I have 6 Android tablets, and I want to connect them via a cable/wire, so that they can send messages to one another (perhaps similar to the way PCs may be networked with each other).
Once connected, apps running on the devices can exchange messages with each other via sockets or any other protocol. What are the best options?
Connecting devices over Wi-Fi is an option too, but then internet is not guaranteed in this scenario, and devices may be very far from each other for any near field communication.
You can use USB-to-Ethernet adapters and connect via LAN.
"Connecting devices over Wi-Fi is an option too, but then internet is not guaranteed in this scenario, and devices may be very far from each other for any near field communication."
As long as all your devices and the server (if any) are on the same LAN, or simply everything is connected to the same hotspot, you need not worry about internet.
I'm working on a wireless ad hoc network; at the moment I am still designing my network.
The network should work for Android devices.
Until now I thought to use a phone as a hotspot, so nearby devices could connect to each other, but what if two hotspots have to speak to each other?
Basically the question is: Can two or more hotspots connect and communicate with each other?
Thank you.
Yes, you need to use WiFi Direct for this. When using WiFi Direct in concurrent mode, a device can act as both a client and an AP at the same time. This is what you need. Whether it will work for you as is depends on your specific device and driver, but there is support for WiFi Direct in Android since v4.0. Sometimes WiFi Direct is also called WiFi Peer-To-Peer or WiFi P2P and this is what the Android API calls it.
See Android WiFi P2P
With the Android API you can discover other peers and services you define and connect to them.
The WiFi P2P utilities are under very active development, so I am not sure if Android currently supports the concurrent mode. You can try. However, you can also set up your connections directly by using the wpa_supplicant utility, which is actually what Android is using internally. I have been able to use this directly from my applications for other purposes. If the version that Android is using is not working, or if you find it a bit unstable, you can get the latest version from the hostap and wpa_supplicant projects. Installing those may require root access though.
Is it possible to let an Android (>4.0) device establish a WiFi-Direct connection with a Mac OS or Windows device?
According to the Wifi-Direct Docs the protocol allows:
Android 4.0 (API level 14) or later devices with the appropriate hardware to connect directly to each other via Wi-Fi
It doesn't look like Google provides this functionality via the API, although WiFi-Direct isn't a proprietary protocol and could be implemented for any platform. There are a few posts around the web of people trying to get WiFi-Direct to work under Windows:
Broadcast message from Desktop PC to Android Device using WIFI connectivity
https://superuser.com/questions/417888/how-do-i-connect-a-laptop-running-windows-7-to-an-android-phone-using-wifi-direct
http://www.intel.com/content/www/us/en/wireless-products/my-wifi-technology.html
http://androidforums.com/android-lounge/552970-howto-wifi-direct-use-your-laptop-desktop-softap-android-reverse-tethering.html
All you need is to use java.net.Socket. It depends on what you mean by establishing a direct connection. A TCP connection is established when, on the destination device (Windows or Mac), you open a listening socket with ServerSocket. On the other device you can use Socket with the destination address. Of course, the Windows or Mac box will probably have to open that port in its firewall.
I guess what you actually need to know is how to get the name of the target computer or how to discover computers on the local network. Unfortunately, it does not depend on the Android version, I think. You should check http://en.wikipedia.org/wiki/Zero_configuration_networking for some hints. I fear there might be a problem with needing to open a privileged port on Android, as normally you have to be root for that. And that would require a rooted Android.
Of course you should specify what you intend with that direct connection and what software you need. If both ends have your application, you can just open any unallocated and unprivileged port on Android. Use UDP to periodically broadcast the name of the Android device (probably ask the user to enter the name of his device). Use multicast to send requests, and receive replies the same way. Multicast sending and receiving would require your application on Android and on Windows and on Mac also. Now you can read from the multicast application what type of machine it is, and what local port it left open for your direct connection. From the source of the UDP message you know where to connect.
You may use some framework to speed things up. All this requires some knowledge about networking, but I don't know a simpler and well-working solution. Unless you provide details about what your direct connection is to do.
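An added example (not part of the original answer) of the discovery step described above: a UDP announcement carrying machine type, device name and open TCP port, which the receiver validates before connecting to the datagram's source address. The `DISC1|type|name|port` format, the class name and the limits are assumptions made for illustration, and the demo sends over loopback instead of broadcast or multicast so that it runs offline.

```java
import java.net.*;
import java.nio.charset.StandardCharsets;
// Added example. Assumed wire format (not from the page): DISC1|<type>|<name>|<tcpPort>
public class DiscoveryDemo {
    static final String MAGIC = "DISC1";   // hypothetical protocol tag
    static final int MAX_LEN = 128;        // larger datagrams are refused

    static byte[] announce(String type, String name, int tcpPort) {
        return String.join("|", MAGIC, type, name, Integer.toString(tcpPort))
                .getBytes(StandardCharsets.UTF_8);
    }

    // Announcements are unauthenticated: any host on the LAN can send one,
    // so every field is checked and null is returned for anything malformed.
    static InetSocketAddress parse(DatagramPacket p) {
        if (p.getLength() > MAX_LEN) return null;
        String s = new String(p.getData(), p.getOffset(), p.getLength(), StandardCharsets.UTF_8);
        String[] f = s.split("\\|", -1);
        if (f.length != 4 || !MAGIC.equals(f[0])) return null;
        if (!f[1].matches("android|windows|mac")) return null;       // machine type
        if (!f[2].matches("[A-Za-z0-9 _-]{1,32}")) return null;      // device name
        if (!f[3].matches("[0-9]{4,5}")) return null;                // port digits
        int port = Integer.parseInt(f[3]);
        if (port < 1024 || port > 65535) return null;                // unprivileged only
        // The address is taken from the datagram source, never from the payload.
        return new InetSocketAddress(p.getAddress(), port);
    }
    public static void main(String[] args) throws Exception {
        InetAddress lo = InetAddress.getLoopbackAddress();
        try (ServerSocket service = new ServerSocket(0, 1, lo);      // the app's open TCP port
             DatagramSocket listener = new DatagramSocket(0, lo);
             DatagramSocket sender = new DatagramSocket()) {
            listener.setSoTimeout(2000);
            byte[][] constructed = {                                  // constructed sample datagrams
                announce("android", "Tablet 1", service.getLocalPort()),
                announce("android", "Tablet 2", 80),                  // privileged port
                announce("android", "../etc", 5000),                  // bad name
            };
            for (byte[] m : constructed) {
                sender.send(new DatagramPacket(m, m.length, lo, listener.getLocalPort()));
                DatagramPacket in = new DatagramPacket(new byte[MAX_LEN + 1], MAX_LEN + 1);
                listener.receive(in);
                InetSocketAddress peer = parse(in);
                System.out.println(peer == null ? "rejected" : "accepted " + peer);
                if (peer != null) new Socket(peer.getAddress(), peer.getPort()).close();
            }
        }
    }
}
```

Only the first datagram is accepted and followed by a TCP connect; the other two are rejected by the port and name checks. Because the announcement itself proves nothing about the sender, the TCP connection that follows still has to authenticate the peer.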
I'm trying to develop an Android application which has to be able to transfer data/messages between two Android mobiles, as a client-server connection using their own WiFi, with no network or routers nearby. I just tried using a TCP program to do this but it fails; it's not connecting, and I'm getting ConnectException and connection refused.
[Edited] Is it possible to achieve this using Android Portable Hotspot integrated with application? Is there any tutorial regarding this approach?
Any Ideas, how to do this?
Thanks.
You need to get the two devices networked to each other before you can worry about tcp usage of that network connection.
If one device is willing to perform access-point-like functionality as part of a portable hotspot, and you select that as a wireless network on the other, you may achieve a network connection between the two that can be used for custom traffic. Though there are ways the hotspot could be implemented where that would not work. Also of concern, the "client" device will now be sending all of its network traffic through the hotspot device, including not just foreground apps but anything it decides to do in the background.