Bluetooth is a way of connecting machines to each other without cables or any other physical medium. It uses radio waves to transfer information, so it is easily affected by attacks. This report first gives background information about the Bluetooth system and security issues in ad hoc networks, and then introduces a security framework for describing the Bluetooth security layout. Both link-level and service-level security schemes are discussed in detail on the basis of that framework, concentrating on the specific security measures in Bluetooth, mainly authentication, encryption, key management and ad hoc aspects. Corresponding countermeasures are also proposed in order to improve Bluetooth security.
Bluetooth is a wireless communications specification named after the 10th century Danish King Harald Blatland, or “Bluetooth”. King Harald united the separate kingdoms of Denmark and Norway. The Bluetooth specification is intended to “unite” separate personal computing devices such as laptops, PDAs, palmtops, cell phones and peripherals, like printers for example. In short, Bluetooth is a wireless technology intended for short-range radio links to replace cables. Its primary features are voice and data capabilities, robustness, low complexity, low power and low cost.
1.1 THE BLUETOOTH SPECIFICATION
L. M. Ericsson of Sweden invented Bluetooth in 1994. The Bluetooth Special Interest Group (SIG) was founded by Ericsson, IBM, Intel, Nokia and Toshiba in February 1998, to develop an open specification for short-range wireless communications. The group now consists of over 1900 companies. Bluetooth is built around the notion of a Personal-Area Network or PAN. It operates in the 2.4 GHz radio frequency band, offers 721 kbit/s data rates, and has a range of approximately 10 meters. Application of Bluetooth technology has also been extended to offer wireless access to LANs, the PSTN, the mobile phone network and the Internet. Since it operates in the 2.4 GHz ISM band, the Bluetooth standard is targeted for worldwide approval so that, anywhere in the world, any Bluetooth enabled device can connect to other Bluetooth devices in its proximity, regardless of manufacturer. According to the specification, Bluetooth devices communicate wirelessly in short-range, ad hoc networks called piconets. Each device can simultaneously communicate with up to seven other devices in the piconet. Also, each device can be a participant in several piconets. These piconets are established automatically as devices enter and leave the radio network.
As a specification, Bluetooth has some new and unique capabilities, but borrows heavily from prior standards, including Motorola's Piano, IrDA, IEEE 802.11, and Digital Enhanced Cordless Telecommunications (DECT). The Bluetooth SIG adopted Motorola's Piano to provide for "Personal-Area Networks" (e.g. piconets) to extend the original Bluetooth concept beyond simple cable replacement. Bluetooth voice transmission features are derived from the DECT specification. IrDA specifications give Bluetooth its object exchange capabilities. The IEEE 802.11 specification provided Bluetooth with the 2.4 GHz ISM band, frequency-hopping spread spectrum (FHSS), authentication, privacy, power management, and wireless LAN potential. This report describes the security measures of Bluetooth: it examines the Bluetooth security architecture in detail, how these measures differ from the older security measures of the cable-connected world, whether they are sufficient for Bluetooth to be used for everyday communications, and what possible uses the technology has. Following the proposed framework, Bluetooth security is examined in two parts: the built-in link-level Bluetooth security as the main part, and the service-level Bluetooth security architecture as the practical part.
Bluetooth works for a wide range of applications. These range from straightforward cable replacement to sophisticated networking applications. Examples: wireless headsets for cell phones for hands-free, wire-free phone calls; wireless PC mouse connection to the PC using Bluetooth; wireless printing between a PC or handheld and a Bluetooth enabled printer; wireless barcode scanner input for retail and warehousing; automated synchronization of Personal Digital Assistants (PDAs) and PCs using Bluetooth; ad hoc networking and file sharing between PCs, PDAs and laptops in a meeting; automated cell phone dialing from a laptop’s contact database with logging of the activity on the laptop; synchronizing contact information between a cell phone, PDA, notebook and desktop wirelessly; Internet access for Bluetooth enabled devices via a Bluetooth enabled device on the Internet. With automatic synchronization enabled, everyone can see changes to the shared material on his or her own computer.
VPCOE, Baramati. BLUETOOTH SECURITY
In general, Bluetooth is suitable for a wide range of device types, including office appliances, e.g. notebook and desktop PCs, other PCs, laptops, printers, projectors, scanners, etc.; communication appliances, e.g. handsets, pagers, PDAs and mobile phones; home appliances, e.g. DVD players, digital cameras, speakers, refrigerators, washing machines, cooking ovens, scales and thermostats; and other settings, e.g. smart home and vehicle, intelligent parking, electrical paying and banking, wireless office and meeting room.
1.3 BENEFITS
The most basic benefit from Bluetooth is simple cable replacement between two devices. For many situations the physical elimination of inconvenient cables that take space and limit device placement is benefit enough. In industrial and commercial applications, the presence of wires creates problems and task interference issues. The multi-point capability of Bluetooth communications allows one interface to support communication with a set of wired and wireless devices that are Bluetooth connectable, which allows selection of devices each optimized for its particular function. Bluetooth wireless networking provides a simple and fast path to ad hoc networks with minimal equipment and overhead. This is made possible by the wide range of device types and the standard interface defined by Bluetooth.
1.4 CHALLENGES
Widespread adoption of Bluetooth still faces significant hurdles. First and foremost, there remain interoperability issues between products from different vendors. The Bluetooth specification has had a number of “holes” which left too much latitude between vendors’ implementations. While the specification continues to be worked on by the Bluetooth SIG and
the IEEE 802.15 task group, vendor implementations can vary. To be fair, as with many emerging technologies, interoperability between products is still somewhat spotty. Testing is advised. Secondly, as a wireless technology, there are concerns around security. Information could be intercepted by other devices. While the basic security and encryption capabilities of the specification are fundamentally sound, there is potential for interference in HIGHLY congested areas. Finally, there is significant competition from IEEE 802.11b wireless LAN technology, which has seen tremendous market acceptance and price drops in the past two years. This technology has many of the same capabilities as Bluetooth, much greater speed and range, and costs in line with early Bluetooth radios.
1.5 PROSPECTS
Cable replacement and Wireless Personal-Area Networks (PANs) represent the major opportunities for Bluetooth technology in the near future. For Bluetooth technology to achieve ubiquitous adoption, interoperability, security and interference issues must be addressed. Bluetooth specifications and products will mature and eventually these issues will be resolved. In addition, vendors must bring more, and a wider array of, products to market and chip pricing must become significantly less expensive. Then Bluetooth adoption will grow exponentially.
CHAPTER-2 BLUETOOTH PROTOCOL OVERVIEW
Figure 2.1 illustrates the Bluetooth protocol stack, which can be divided into four layers according to their purpose, in the following way:
1. Bluetooth Core Protocols, including Baseband, LMP, L2CAP, and SDP, comprise exclusively Bluetooth-specific protocols developed by the Bluetooth SIG that are required by most Bluetooth devices.
2. Cable Replacement Protocol, i.e. the RFCOMM protocol, is based on ETSI TS 07.10 and emulates serial line control and data signals over the Bluetooth Baseband to provide transport capabilities for upper level services.
3. Telephony Control Protocols, including TCS Binary and AT-commands, are used to define the call control signalling, mobility management procedures, and multiple usage models for Bluetooth devices to establish speech and data calls and provide FAX and modem services.
4. Adopted Protocols, including PPP, UDP/TCP/IP, WAP, WAE, HTTP, FTP, etc. Due to the open nature of the Bluetooth specification, additional protocols can be accommodated in an interoperable fashion.
5. Host Controller Interface (HCI), i.e. the boundary between hardware and software, provides a uniform command interface to access the capabilities of the hardware, e.g. the Baseband controller, link manager, control and event registers, etc.
Figure 2.1 Bluetooth protocol stack.
The layers of Cable Replacement, Telephony Control, and Adopted Protocols form the application-oriented protocols that enable applications to run over the Bluetooth core protocols. Not all applications make use of all the protocols shown in Figure 2.1. Instead, applications run over one or more vertical slices of this protocol stack. In other words, applications may run over different protocol stacks. Nevertheless, each one of these different protocol stacks uses a common Bluetooth data link and physical layer. The Bluetooth core protocols include:
· Baseband. Based on the physical radio link, the Baseband can form the piconets between Bluetooth units and decide the roles of master and slave in the piconet. The Baseband provides physical links of both Synchronous Connection-Oriented (SCO) and Asynchronous Connectionless (ACL) type to support the transmission of data and/or audio with corresponding packets. Other functions include error correction, audio transmission, link management and control, etc.
· Link Manager Protocol (LMP). The Bluetooth protocol LMP is responsible for link set-up between Bluetooth devices. This includes security aspects and the control and negotiation of Baseband packet sizes. Furthermore, it controls the power modes and duty cycles of the Bluetooth radio device, and the connection states of a Bluetooth unit in a piconet.
· Logical Link Control and Adaptation Protocol (L2CAP). The L2CAP protocol provides connection-oriented and connectionless data services to the upper layer protocols over the Baseband, with protocol multiplexing capability, segmentation and reassembly operation, and group abstractions, which permits higher level protocols and applications to transmit and receive L2CAP data packets. L2CAP is defined only for ACL links.
· Service Discovery Protocol (SDP). SDP queries device information, service information, and the characteristics of the services, according to which a suitable connection between two or more Bluetooth devices can be established. Using SDP to discover services is a crucial part of the Bluetooth framework and provides the basis for all the usage models.
CHAPTER-3 SECURITY FRAMEWORK
3.1 Basic Definitions
A total of three different information security objectives are to be reached, one or all of them. Confidentiality means that the data can only be used by authorized users and/or parties. Integrity means that the data cannot be modified by adversaries during transfer or while stored. Availability means that the data is always available for authorized use. Bluetooth gives three main techniques to achieve these security features:
• Authentication: ensuring the identity of another user, so that each party knows with whom it is communicating, i.e. verifying ‘who’ is at the other end of the link. Authentication is performed for both devices and users.
• Authorization: the process of deciding if a device is allowed to have access to a service, i.e. deciding if device X is allowed to have access to service Y. This is where the concept of “trusted” exists. Authorization always includes authentication.
• Encryption: the process of transforming data into a form that cannot be understood without a key. Both data and control information can be encrypted.
The Bluetooth technology provides security at both the application layer and the link layer. In addition there are two kinds of features that make attacks more difficult. A hop selection mechanism of up to 1600 hops/sec is used to avoid interference from external sources or other piconets. An automatic output power adaptation scheme is also included in the standard for the low power consumption of light-weight mobile devices; it reduces the radio range for data transmission exactly according to requirements based on the detected signal intensity. Bluetooth uses link level security where each connection is given a unique secret authentication key and an encryption key that is derived from the first one.
Communication between different Bluetooth (BT) devices uses a frequency-hopping spread spectrum (FHSS) technique with 79 different radio channels hopped through rapidly. Bluetooth uses the same frequency band as other household machines, for example microwave ovens, which can cause interference. FHSS prevents this interference from causing too much harm, since it changes the transmission frequency 1600 times per second, and if there is interference at some frequency, only that one transmission is damaged. FHSS also adds security to data transmission between devices since it makes eavesdropping harder. On the other hand, the low transmission power prevents the transmission from propagating far and makes it harder to intercept. The information in a BT packet can be protected by encryption. Only the packet payload is encrypted, never the access code and the packet header. The encryption is done with the stream cipher E0, which is synchronised for each payload. More on these later in the paper.
3.2 Security Levels
Bluetooth has several different security levels that can be defined for devices and services.
3.2.1 Device Trust Level
Devices can have two trust levels, trusted and untrusted. The trusted level requires a fixed and trusted relationship and has unrestricted access to all services; the device has to be previously authenticated. An untrusted device doesn’t have a fixed relationship and its access to services is limited. An untrusted device can also have a fixed relationship, but it is not considered trusted. All devices get a status when they connect for the first time to another device. A new device is labelled as an unknown device and is always untrusted.
3.2.1.1 Security Modes In Device Trust Level
Each Bluetooth device can work in one of three security modes. Bluetooth has three different security modes built into it and they are as follows:
Security Mode 1. A non-secure mode. A device will not initiate any security procedures. In this nonsecure mode, the security functionality (authentication and encryption) is completely bypassed. In effect, a Bluetooth device in Mode 1 is in a promiscuous mode that allows other Bluetooth devices to connect to it. This mode is provided for applications for which security is not required, such as exchanging business cards.
Security Mode 2. A service level enforced security mode. A device does not initiate security procedures before channel establishment on the L2CAP level. This is service-level security: whether to initiate security functions or not depends on the security requirements of the requested channel or service. This mode allows different and flexible access policies for applications, especially when running applications with different security requirements in parallel.
Security Mode 3. A link level enforced security mode. A device initiates security procedures before the link set-up on the LMP level is completed, i.e. link-level security in which a Bluetooth device shall initiate security functions before the link set-up.
Depending on whether a device uses a semi-permanent link key or a master key, there are several encryption modes available. If a unit key or a combination key is used, broadcast traffic is not encrypted; individually addressed traffic can be either encrypted or not. If a master key is used, there are three possible modes: broadcast traffic is not encrypted but individually addressed traffic is encrypted with the master key, or all traffic is encrypted with the master key.
3.2.2 Security Level of Services
Service-level security, i.e. security at the higher layers. The Bluetooth device initiates security functions after the channel is established. Bluetooth allows different security levels to be used for devices and for various services. To secure devices, two security levels can be defined. A trusted device is a device that has been previously authenticated and is marked as “trusted”. An untrusted device has usually been previously authenticated but has not been marked as “trusted”; an unknown device is also an untrusted device. An authorized device has unrestricted access to all or some specific services. An unauthorized device has restricted access to services.
Three levels of service security are defined so that the requirements for authorization, authentication and encryption can be set independently: services that require authorization and authentication, services that require authentication only, and services open to all devices. The security level of a service is defined by three attributes:
Authorisation required: Access is granted automatically only to trusted devices, or to untrusted devices after an authorisation procedure. The need for authorisation, authentication and encryption changes from service to service.
Authentication required: Before connecting to the application, the remote device must be authenticated.
Encryption required: The link must be changed to encrypted mode before access to the service is possible.
When the connection is set up there are different levels of security the user can choose from. On the lowest level the services can be set to be accessible to all devices. Usually there is a need for restrictions, so the user can set the service so that it needs authentication. At this level a trusted device has access to the services, but an untrusted device needs manual authorisation. When the highest level of security is needed, the service can require both authorisation and authentication.
CHAPTER-4 LINK LEVEL SECURITY
Link-level security. The Bluetooth device initiates security functions before the channel is established. This is the built-in security mechanism. Figure 4.1 illustrates the link-level security framework of Bluetooth. In the figure, one Bluetooth device (the claimant) tries to communicate with the other device (the verifier). Generally the whole scheme is divided into four levels as shown in the figure.
Figure 4.1: Bluetooth link-level security scheme.
4.1 Key Management Scheme
There are several kinds of keys in the Bluetooth system to ensure secure transmission. The most important key is the link key, which is used between two BT devices for authentication purposes. Using the link key an encryption key is derived. This secures the data of the packet and is regenerated for all new transmissions. All the keys are 128-bit random numbers and are either temporary or semi-permanent.
Figure 4.2: Bluetooth key structure.
4.1.1 Link key
There are four link keys to cover the different applications it is used for.
4.1.2 Unit key KA is derived at the installation of the Bluetooth device from a single unit A. Storage of KA requires little memory space and it is often used when a device has little memory or when the device should be accessible to a large group of users.
4.1.3 Combination key KAB is derived from two units A and B. This key is generated for each pair of devices and is used when more security is needed. This requires more memory, since a device has to store one combination key for each connection it has.
4.1.4 The master key Kmaster is used when the master device wants to transmit to several devices at once. It overrides the current link key only for one session.
4.1.5 The initialisation key Kinit is used in the initialisation process. This key is formed from a random number, an L-octet PIN code, and the BD_ADDR of the claimant unit. It protects initialisation parameters when they are transmitted.
4.1.6 Encryption key. The encryption key is derived from the current link key. Each time encryption is needed the encryption key is automatically changed. The purpose of separating the authentication key and the encryption key is to facilitate the use of a shorter encryption key without weakening the strength of the authentication procedure.
Figure 4.3: Bluetooth key structure.
4.1.7 PIN code. This is a number which can be fixed or selected by the user. The length is usually 4 digits, but it can be anything between 1 and 16 octets. The user can change it at will and this adds security to the system. The PIN can be used by entering it into one device (fixed PIN), but it is safer to enter it into both units. For example, the latter can be used when a laptop and a phone are to be connected.
4.2 Authentication Scheme
The Bluetooth authentication scheme uses a challenge-response strategy in which a 2-move protocol is used to check whether the other party knows the secret key. The protocol uses symmetric keys, so a successful authentication is based on the fact that both participants share the same key. First, the verifier sends the claimant a random number for authentication. Then both participants use the authentication function E1 with the random number, the claimant’s Bluetooth Device Address and the current link key to get a response. The claimant sends its response to the verifier, who then makes sure the responses match. The application in use indicates who is to be authenticated, so the verifier is not necessarily the master. In mutual authentication both parties are authenticated in turn. If the authentication fails, a period of time must pass before a new attempt at authentication can be made. The period of time doubles for each subsequent failed attempt from the same address until a maximum is reached. The waiting time decreases exponentially to a minimum when no failed authentications are made during a time period.
Figure 4.4: Challenge-response for the Bluetooth authentication.
4.3 Encryption Scheme
Figure 4.5 shows the encryption procedure. The Bluetooth encryption system encrypts the payloads of the packets. This is done with the stream cipher E0, which is re-synchronized for every payload. The E0 stream cipher consists of the payload key generator, the key stream generator and the encryption/decryption part. The payload key generator combines the input bits in an appropriate order and shifts them into the four Linear Feedback Shift Registers (LFSRs) of the key stream generator. The encryption key (KC) is generated from the current link key.
Figure 4.5: Encryption procedure.
Depending on whether a device uses a semi-permanent link key or a master key, there are several encryption modes available. If a unit key or a combination key is used, broadcast traffic is not encrypted; individually addressed traffic can be either encrypted or not. If a master key is used, there are three possible modes. In encryption mode 1, nothing is encrypted. In encryption mode 2, broadcast traffic is not encrypted, but individually addressed traffic is encrypted with the master key. In encryption mode 3, all traffic is encrypted with the master key.
The encryption algorithm uses four LFSRs of lengths 25, 31, 33 and 39, with a total length of 128. The feedback polynomials used by the LFSRs are all primitive, with Hamming weight 5. The polynomials used are (25, 20, 12, 8, 0), (31, 24, 16, 12, 0), (33, 28, 24, 4, 0) and (39, 36, 28, 4, 0). The initial 128-bit value of the four LFSRs is derived from the key stream generator itself using the encryption key, a 128-bit random number, the Bluetooth device address of the device and the 26-bit value of the master clock.
As the encryption key size varies from 8 bits to 128 bits, the size of the encryption key used between two devices must be negotiated. In each device there is a parameter defining the maximum allowed key length. In the key size negotiation, the master sends its suggestion for the encryption key size to the slave. The slave can either accept and acknowledge it, or send another suggestion. This continues until a consensus is reached or one of the devices aborts the negotiation. Aborting the negotiation is done by the application in use. In every application a minimum acceptable key size is defined, and if the requirement is not met by either of the participants, the application aborts the negotiation and encryption cannot be used. This is necessary to avoid the situation where a malicious device forces the encryption key to be short in order to do some harm.
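The key size negotiation just described, as an added simulation (not code from the specification or any Bluetooth stack): sizes are in octets, each device carries its maximum allowed key length and each application its minimum acceptable size, and the application-level minimum is what turns a too-short agreed key into an abort. Device names, parameter values and the transcript format are assumptions of the example.

```python
"""Simulation of the Bluetooth encryption key size negotiation (constructed example).

Key sizes are expressed in octets (1..16, i.e. 8..128 bits). Each device has a
maximum allowed key length; each application has a minimum acceptable size.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

MIN_KEY_OCTETS = 1   # 8-bit encryption key, the smallest size the negotiation can reach
MAX_KEY_OCTETS = 16  # 128-bit encryption key


@dataclass
class Device:
    name: str
    max_key_octets: int      # device parameter: maximum allowed key length
    app_min_key_octets: int  # application parameter: minimum acceptable key size

    def __post_init__(self) -> None:
        if not MIN_KEY_OCTETS <= self.max_key_octets <= MAX_KEY_OCTETS:
            raise ValueError(f"{self.name}: max key length out of range")

    def answer(self, proposal: int) -> int:
        """Slave side of one round: accept a proposal within its own limit,
        otherwise counter-propose its own maximum."""
        return proposal if proposal <= self.max_key_octets else self.max_key_octets


def negotiate_key_size(master: Device, slave: Device,
                       max_rounds: int = 16) -> Tuple[Optional[int], List[str]]:
    """Return (agreed key size in octets or None, transcript of the exchange).

    None means encryption cannot be used: either no consensus was reached or
    the agreed size is below one application's minimum, so that side aborts.
    """
    transcript: List[str] = []
    proposal = master.max_key_octets       # the master opens with its own maximum
    agreed: Optional[int] = None
    for _ in range(max_rounds):
        transcript.append(f"{master.name} proposes {proposal * 8}-bit key")
        reply = slave.answer(proposal)
        if reply == proposal:
            transcript.append(f"{slave.name} accepts {reply * 8}-bit key")
            agreed = reply
            break
        transcript.append(f"{slave.name} counter-proposes {reply * 8}-bit key")
        # The master accepts a counter-proposal within its own limit; otherwise
        # it proposes its maximum again, so the loop converges on the smaller limit.
        proposal = reply if reply <= master.max_key_octets else master.max_key_octets
        if proposal == reply:
            transcript.append(f"{master.name} accepts {reply * 8}-bit key")
            agreed = reply
            break
    if agreed is None:
        transcript.append("no consensus reached, negotiation aborted")
        return None, transcript
    # Application-level check on both sides: a key below the application's
    # minimum is refused, which is what stops a peer from forcing weak encryption.
    for dev in (master, slave):
        if agreed < dev.app_min_key_octets:
            transcript.append(f"{dev.name} application requires at least "
                              f"{dev.app_min_key_octets * 8} bits, aborts: "
                              "encryption cannot be used")
            return None, transcript
    return agreed, transcript


if __name__ == "__main__":
    # Constructed scenarios: a normal negotiation and a peer that only offers 8 bits.
    for slave in (Device("B", 12, 8), Device("B", 1, 1)):
        size, log = negotiate_key_size(Device("A", 16, 8), slave)
        print("\n".join(log), "->", "no encryption" if size is None else f"{size * 8} bits", "\n")
```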
CHAPTER 5 SERVICE LEVEL SECURITY
This section gives the basic issues involved in the implementation of security mechanisms. That is to say, this is an approach for a flexible security architecture built on top of the link-level security features of Bluetooth. Figure 5.1 gives the general security architecture. The key component in the architecture is a security manager, with the following functions:
• Store security-related information on both services and devices in corresponding service and device databases.
• Permit or refuse access requested by protocol implementations or applications.
• Command the link manager, using the HCI, to enforce authentication and/or encryption before connecting to the application.
• Query Personal Identification Number (PIN) entry to set up a trusted device relationship.
Such a centralized security manager makes it flexible to implement different access policies and easy to add a new policy without affecting other parts. The security manager acts as a bridge joining application level and link level security controls together and thus helps in providing end-to-end security. Authentication should be performed after determining what the security level of the requested service is. That is to say, the authentication can only be performed when a connection request to a service (SCO link) is submitted.
In the figure, the Host Controller Interface (HCI), i.e. the boundary between hardware and software, provides a uniform command interface to access the capabilities of the hardware, e.g. the link manager, link control and event registers. The Cable Replacement Protocol, i.e. the RFCOMM protocol, is based on ETSI TS 07.10 and matches serial line control and data signals over the Bluetooth Baseband to provide transport capabilities for upper level services. The Logical Link Control and Adaptation Protocol (L2CAP) provides connection-oriented and connectionless data services to the upper layer protocols, with protocol multiplexing capability.
Figure 5.1 Bluetooth Security Architecture.
After the Bluetooth link is established, service-level security governs access to the services on Bluetooth devices. This access can be limited at the device and service level. A Bluetooth device can be “trusted” or “untrusted” when attempting to access services on another device. A trusted device has unrestricted access to all services on the other device. In contrast, an untrusted device may have its access to services limited. The Device database stores information about the device type, the trust level (whether trusted or untrusted) and the length of the link key (used for encryption). The Service database stores information regarding the authentication, authorization and encryption requirements for the services. It also stores other routing information for the services.
Dell recommends that customers configure each device and service with appropriate security measures based on the sensitivity of the data involved, the need to limit access to a particular device such as a printer, and so forth. For further Bluetooth security, Dell recommends that customers:
• Enable encryption of services.
• Manage “discoverability” of your device by other devices.
• Avoid pairing devices in a public place where the signal can be easily picked up.
• Avoid storing confidential files in a portable computer's Bluetooth shared folders.
BLUETOOTH SECURITY
VPCOE.Baramati

CHAPTER 6 PROBLEMS IN THE SECURITY OF BLUETOOTH

- Strength of the challenge-response pseudorandom generator is not known: The Random Number Generator (RNG) may produce static or periodic numbers that reduce the effectiveness of the authentication scheme.
- Short PINs are allowed: Weak PINs, which are used for the generation of link and encryption keys, can be easily guessed. People have a tendency to select short PINs. Increasing the PIN length in general increases the security.
- An elegant way to generate and distribute PINs does not exist: Establishing PINs in large Bluetooth networks with many users may be difficult. Scalability problems frequently yield security problems.
- Encryption key length is negotiable: The Bluetooth SIG needs to develop a more robust initialization key generation procedure.
- Unit key is reusable and becomes public once used: A unit key is a link key that one unit generates by itself and uses as a link key with any other device. Unit keys can only be safely used when there is full trust among the devices that are paired with the same unit key, because every paired device can impersonate any other device holding the same unit key. Since Bluetooth version 1.2, the use of unit keys is not recommended, but, for legacy reasons, unit keys have not been completely removed from the specification.
- The master key is shared: The Bluetooth SIG needs to develop a better broadcast keying scheme.
- No user authentication exists: Only device authentication is provided. Application-level security and user authentication can be employed.
- Attempts for authentication are repeated: The Bluetooth SIG needs to develop a limit feature to prevent unlimited requests. The Bluetooth specification requires a time-out period between repeated attempts that increases exponentially.
- E0 stream cipher algorithm is weak: The stream cipher E0 has its roots in the so-called summation combiner stream cipher, proposed by Massey and Rueppel in the mid-1980s. The most powerful attacks on this type of stream cipher are correlation attacks in combination with exhaustive search over a limited key space (sometimes also referred to as initial guessing). Recent cryptanalysis shows that the E0 cipher is weaker than this.
- Unit key sharing can lead to eavesdropping: A corrupt user may be able to compromise the security between (gain unauthorized access to) two other users if that corrupt user has communicated with either of the other two users. This is because the link key (unit key), derived from shared information, is disclosed.
- Key length is negotiable: A global agreement must be established on minimum key length.
- Privacy may be compromised if the Bluetooth device address (BD_ADDR) is captured and associated with a particular user: Once the BD_ADDR is associated with a particular user, that user's activities could be logged, resulting in a loss of privacy.
- Device authentication is simple shared-key challenge-response: One-way-only challenge-response authentication is subject to man-in-the-middle attacks. Mutual authentication is required to provide verification that users and the network are legitimate.
- End-to-end security is not performed: Only individual links are encrypted and authenticated; data is decrypted at intermediate points. Application software above the Bluetooth software can be developed to provide it.
- Security services are limited: Audit, non-repudiation and other services do not exist. If needed, these can be developed at particular points in a Bluetooth network.
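The two unit-key problems above (reuse of one key with every peer, and the resulting impersonation and eavesdropping) can be shown with a small model. This is an added example, not code from the report; it assumes HMAC-SHA256 as a stand-in for Bluetooth's real E1 authentication function, and the addresses and keys are constructed.

```python
import hmac
import hashlib
import os

# Added example, not code from the report. Models the chapter 6 unit-key
# problem: a unit that pairs with a single unit key hands that same key to
# every peer, so any peer can later pass authentication while claiming to be
# any other peer. Assumption: HMAC-SHA256 stands in for Bluetooth's real
# SAFER+-based E1 authentication function; keys and addresses are constructed.

def sres(link_key: bytes, au_rand: bytes, claimant_addr: bytes) -> bytes:
    """Signed response: stand-in for E1(link_key, AU_RAND, BD_ADDR)."""
    return hmac.new(link_key, au_rand + claimant_addr, hashlib.sha256).digest()[:4]

class Device:
    def __init__(self, bd_addr: bytes, use_unit_key: bool):
        self.bd_addr = bd_addr
        self.use_unit_key = use_unit_key
        self.unit_key = os.urandom(16)  # one key the unit generates for itself
        self.link_keys = {}              # peer BD_ADDR -> link key for that peer

    def pair(self, peer: "Device") -> None:
        # Unit-key pairing: the single unit key becomes the link key with the peer.
        # Combination-key pairing: a fresh key that only this pair shares.
        key = self.unit_key if self.use_unit_key else os.urandom(16)
        self.link_keys[peer.bd_addr] = key
        peer.link_keys[self.bd_addr] = key

    def verify(self, claimed_addr: bytes, respond) -> bool:
        """Challenge whoever claims to be `claimed_addr` and check the response."""
        au_rand = os.urandom(16)
        expected = sres(self.link_keys[claimed_addr], au_rand, claimed_addr)
        return hmac.compare_digest(expected, respond(au_rand, claimed_addr))

def impersonation_succeeds(attacker: Device, victim: Device, verifier: Device) -> bool:
    """Does `attacker`, answering with the link key it legitimately holds for
    `verifier`, pass authentication while claiming to be `victim`?"""
    key = attacker.link_keys[verifier.bd_addr]
    return verifier.verify(victim.bd_addr, lambda r, a: sres(key, r, a))

def run_scenario(use_unit_key: bool) -> bool:
    """A pairs with B and C; C then tries to authenticate to A as B."""
    a = Device(bytes.fromhex("001122334455"), use_unit_key)  # constructed addresses
    b = Device(bytes.fromhex("001122334466"), use_unit_key)
    c = Device(bytes.fromhex("001122334477"), use_unit_key)
    a.pair(b)
    a.pair(c)
    return impersonation_succeeds(c, b, a)
```

With a unit key, `run_scenario(True)` returns True (C passes as B); with per-pair combination keys, `run_scenario(False)` returns False.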
CHAPTER 7 BLUETOOTH SECURITY ATTACKS

7.1 Impersonation attack by inserting/replacing data
When no encryption is activated, this can easily be achieved by correctly setting the CRC check data in the payload after the data in the payload has been changed. When ciphering is activated, the attacker can compute how to modify the CRC to make it agree with modifications in the encrypted data bits. The attacker must somehow know the context of the payload data to conduct changes that are meaningful or effective. In a practical system where encryption is activated, it is not at all easy to make something useful of this attack beyond the point of just disrupting the communication.

7.2 Bluetooth Wardriving
Wardriving maps the physical whereabouts of users carrying Bluetooth-enabled devices. Since each Bluetooth device freely broadcasts its unique 48-bit address, it is possible to track the user's movements. To protect a device against location tracking, an anonymity mode is needed. Devices operating in anonymous mode regularly update their device address by randomly choosing a new one.

7.3 Denial-of-Service attack on the device
When the Bluetooth authentication fails, a certain amount of time must elapse before the verifier will initiate a new attempt to the same claimant, and before the claimant sends a response to an authentication attempt by a unit using the same identity as the unit that notified an authentication failure. For each additional authentication failure, the waiting interval should be exponentially increased until a certain maximum value is obtained. The attacker prevents or prohibits the normal use or management of communications facilities. The resulting system degradation can, for example, be the result of the system being fully occupied by handling bogus connection requests. If the attacker simulates a trustable device during such a DoS attack, the system may end up declining trustable devices.
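The verifier-side time-out described in 7.3 can be modelled as per-claimant exponential backoff with a ceiling, which also shows how it limits how many bogus authentication requests the verifier actually has to process. This is an added example, not code from the report; the base interval, doubling factor and 64 s maximum are assumptions, not values from the specification.

```python
from dataclasses import dataclass, field

# Added example, not code from the report. Verifier-side model of the 7.3
# time-out: after each failed challenge-response from a claimant identity, the
# wait before that identity may be challenged again doubles, up to a ceiling.
# Parameters are assumptions: 1 s base interval, doubling, 64 s maximum.
@dataclass
class ClaimantState:
    failures: int = 0
    not_before: float = 0.0  # time at which the next attempt is allowed

@dataclass
class AuthBackoff:
    base: float = 1.0
    factor: float = 2.0
    max_wait: float = 64.0
    claimants: dict = field(default_factory=dict)  # claimant id -> ClaimantState

    def wait_after(self, failures: int) -> float:
        """Interval imposed after `failures` consecutive failures (0 if none)."""
        if failures <= 0:
            return 0.0
        return min(self.base * self.factor ** (failures - 1), self.max_wait)

    def attempt_allowed(self, claimant: str, now: float) -> bool:
        state = self.claimants.get(claimant)
        return state is None or now >= state.not_before

    def record(self, claimant: str, success: bool, now: float) -> float:
        """Record the outcome of an attempt; return the wait now imposed."""
        state = self.claimants.setdefault(claimant, ClaimantState())
        if success:
            self.claimants.pop(claimant)  # a good response clears the penalty
            return 0.0
        state.failures += 1
        wait = self.wait_after(state.failures)
        state.not_before = now + wait
        return wait

def flood(backoff: AuthBackoff, claimant: str, attempts: int, spacing: float) -> int:
    """Simulate a bogus claimant hammering the verifier every `spacing` seconds,
    always failing. Returns how many attempts the verifier actually processed."""
    processed = 0
    for i in range(attempts):
        now = i * spacing
        if backoff.attempt_allowed(claimant, now):
            processed += 1
            backoff.record(claimant, success=False, now=now)
    return processed
```

With the assumed parameters, 100 failing attempts one second apart cost the verifier only 7 authentication rounds; with no backoff (`base=0.0`) it processes all 100.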
7.4 Disclosure of keys
- A Bluetooth device attached to the computer may be exchanged for a false one, whose only purpose is to 'suck' out link keys from the host.
- A rightful USB plug or PCMCIA card may be removed from the owner's computer and inserted into a corresponding slot of the adversary's computer. On this computer, one or more keys stored on the Bluetooth controller can be read out. Once the list of keys has been read out, the USB plug (or card) is returned to its proper owner, who may be completely unaware. Once the link key of a computer and phone (and the BD_ADDR of the computer) is known, the adversary can silently connect to the mobile phone, impersonate the computer, and make use of any service the phone offers over Bluetooth.
- Malicious software: A Trojan horse disguised as something quite innocent can send the key database to some place where the adversary can access it. If this malicious code is distributed through a virus or worm, the attack can quickly spread to a large number of computers.

7.5 Unit key attacks
A unit that uses a unit key is only able to use one key for all its secure connections. Hence, it has to share this key with all other units that it trusts. Consequently, a trusted device (a device that possesses the unit key) that eavesdrops on the initial authentication messages between two other units that utilize the unit key will be able to eavesdrop on any traffic between these two units. The unit will also be able to impersonate the unit distributing the unit key. The potential risks with unit keys have also been recognized by the Bluetooth SIG. Originally, the unit key was introduced in order to reduce memory requirements on very limited devices, and it remains part of the standard for backward compatibility reasons.

7.6 Backdoor attack
The Backdoor attack involves establishing a trust relationship through the "pairing" mechanism, but ensuring that it no longer appears in the target's register of paired devices. In this way, unless the owner is actually observing their device at the precise moment a connection is established, they are unlikely to notice anything untoward, and the attacker may be free to continue to use any resource that a trusted relationship with that device grants access to. This means that not only can data be retrieved from the phone, but other services, such as modems or Internet, WAP and GPRS gateways, may be accessed without the owner's knowledge or consent. Once the Backdoor is installed, the Bluesnarf attack will function on devices that previously denied access, and without the restrictions of a plain Bluesnarf attack.

7.7 Pairing attack
The Bluetooth 1.1 specification is sensitive to passive and active attacks on the pairing procedure. The attacks only work if the attacker is present at the pairing occasion, which typically only occurs once between one pair of devices. If pairing is performed in public places during a connection to an access point, point-of-sale machine, or printer, this can be a dangerous threat.

7.8 BlueBug attack
The BlueBug attack creates a serial profile connection to the device, thereby giving full access to the AT command set, which can then be exploited using standard off-the-shelf tools, such as PPP for networking and gnokii for messaging, contact management, diverts and initiating calls. The Bluesnarf attack does allow the unauthorized downloading of items via the OBEX protocol, while the loophole identified in BlueBug allows the device to be controlled via a plain serial connection. With this facility, it is possible to use the phone to initiate calls to premium rate numbers, send SMS messages, read SMS messages, connect to data services such as the Internet, and even monitor conversations in the vicinity of the phone. This latter is done via a voice call over the GSM network; Bluetooth access is only required for a few seconds in order to set up the call, so the listening post can be anywhere in the world. Call forwarding diverts can be set up, allowing the owner's incoming calls to be intercepted, either to provide a channel for calls to more expensive destinations, or for identity theft by impersonation of the victim.

7.9 PSM Scanning
Works on the idea that not all PSM (Protocol/Service Multiplexer) ports are registered with the local SDP (Service Discovery Protocol). So if we bypass the SDP database and try to connect to PSMs sequentially, we may locate hidden functionality.
Impact:
- No PSMs found to date that offer other than advertised services.
- The idea could be used to create a 'knock' style backdoor for Bluetooth devices.

7.10 Off-line encryption key (via Kc)
Extends from the Kinit recovery attack. Very similar method, as 2 of the 3 needed seeds are known (i.e. master clock and Kc); simply sniff the EN_RAND in addition.

7.11 Attack on the Bluetooth Key Stream Generator
Break the security of the cipher: an algebraic attack on the Linear Feedback Shift Register. Work effort circa 2^67.58 operations.

7.12 Reflection Attack
A hacker can capture the MIN and ESN and pretend to be someone else.
Stealing the Unit Key: highlights the weakness of only authenticating the device and not the user.

7.13 Replay attacks
A hacker can record Bluetooth transmissions in all 79 frequencies, then in some way figure out the frequency hopping sequence and replay the whole transmission.

7.14 Man-in-the-middle attack
Intervention of traffic during pairing. Bluetooth authentication does not use public key certificates to authenticate users.
CONCLUSION
We have now examined Bluetooth in general and some of the Bluetooth security mechanisms, comparing them. As was seen, Bluetooth's security seemed to be adequate only for small ad hoc networks, such as a network of the participants in a meeting. Connecting a Personal Digital Assistant (PDA) to a mobile phone using Bluetooth may also be secure enough, but is Bluetooth secure enough for larger networks? In the light of this study, it seems that the security of Bluetooth is still not suitable for any serious, security-sensitive work, money transfers and transferring other sensitive information. Since the Bluetooth security scheme is reasonably useful for applications with lower security requirements, the more sophisticated security methods may be implemented on top of it. Based on the original design goal of cable replacement, Bluetooth is more suitable to short-range and small-size wireless personal area networks than for connecting with outside public networks.