Final Project Review

Team TessierBrandon Thorpe

Michael Shusta

Telin Kim

Lucas Root

Outline• System Overview and Demo

• Security Analysis

• Cost Analysis

• Project Deliverables

The Bluetag System

• Tag

• Consumer Software

• Retailer Software

Client

Bluetag Database

Locked Item

IDB

Store Inventory

• Housing: – 4.25” x 2” x 1.25”– Blue photopolymer, $150

• PCB: – 3” x 1.5”– Mini solenoid

• Power– 78mW DC connected, 911mW transient (unlock)– Recharge jack, on-off switch

Tag Overview

User Account Creation

• Bluetag website enables users to create valid accounts before entering a store

• Email address, password, and credit card information

• Written in HTML and PHP

Retailer Software

Client Session

IDB IDB GUI

Inventory and Bluetag

Databases

Client Session

Client Session

Client Session

Phone Software

Typical Use-case:

1. Enable Bluetooth on your phone, connect to BLUETAG wireless network

2. Login

3. Enter tag visual ID, connect to tag

4. Click “Buy”

5. Verify tag unlocked

System Security• Protection of sensitive information

– Unlock codes– User account information

• Potential vulnerabilities– Database attack– Bluetooth monitoring– WiFi monitoring– Physical abuse

Bluetooth Security

Existing Measures

• Frequency hopping (can be cracked)

• Encryption (many weaknesses)

Bluetag Additions

• Dynamic unlock codes

• Unlock code mapping

Bluetooth Security

Smartphone Software

Tag Database

Unlock Code

Unlock Code X

X

EEPROM Memory

Process Unlock Code

Mapped Code

Retailer Software Tag Software

Reset Process

Purchase Process

WiFi Security

Database

RSA encrypted at 512 bits

The number of possible keys : 2512 = 1.34E154 ;With a device that could check 1E18 keys per second,It will require 4.25E128 years to try all keys;

Where age of universe = 1.3E10 years

Cost Analysis

Cost Analysis

Meeting Project Goals

• Full Bluetag system delivered

• Highly secure

• Cost effective

• Lightweight, handheld tag

• Readily deployable