Blind and Anonymous Authentication over BLE using Zero-Knowledge Proofs and Covert Channels

Download PDF
Open Webpage

Carmen Bisogni, Aniello Castiglione, Maddalena Migliaccio, Annalaura Miglino, Michele Nappi

Published: 2025, Last Modified: 13 Nov 2025CSCS 2025EveryoneRevisionsBibTeXCC BY-SA 4.0
Abstract: This paper presents a legal and privacy-preserving use of a covert channel built over BLE, specifically between two Android devices. A custom communication protocol has been designed and implemented through a dedicated mobile application, leveraging BLE advertisement packets for unidirectional message exchange. The protocol integrates non-interactive Zero-Knowledge Proofs (ZKPs) to strengthen the authentication mechanism while preserving anonymity. This allows the receiver to verify the sender’s legitimacy without revealing or exchanging identifying information, achieving blind authentication in a fully connectionless and decentralized architecture. The resulting system enables encrypted, anonymous, and verifiable communication over BLE without pairing or persistent sessions. Experimental validation confirms the protocol’s feasibility, efficiency, and resilience against common wireless threats like spoofing, replay, and message injection. This work demonstrates how BLE and ZKP can be combined to form a secure, privacy-preserving covert communication framework applicable in real-world mobile environments.