Professional Documents
Culture Documents
A SEMINAR BY
HARUNA, TOFA
(G2020/PhD/CITE/FT/005)
AND
AUDU, ELIAZAR ELISHA
(G2020/PhD/CITE/FT/009)
What’s With the Name?
•The name ‘Bluetooth’ was named after 10th century
Viking king in Denmark Harald Bluetooth who united
and controlled Denmark and Norway.
Bluetooth Chip
Baseband Link
RF Controller Manager
SPECIFICATIONS
– Application Specifications
• These specifications include the following
• Profiles Cordless Telephony
• Serial Port
• Headset
• Intercom
• Dialup Networking
• Fax
• File Transfer
• Service Discovery Application
• Generic Access
RADIO POWER CLASSES
• Cable Replacement
– Replace the cables for peripheral devices
• Ease of file sharing
– Panel discussion, conference, etc.
• Wireless synchronization
– Synchronize personal information contained in the address
books and date books between different devices such as
PDAs, cell phones, etc.
• Bridging of networks
– Cell phone connects to the network through dial-up
connection while connecting to a laptop with Bluetooth.
Bluetooth Devices
• Bluetooth-enabled
PC Card
Bluetooth Products 2
• Bluetooth-enabled
PDA
Bluetooth Products 3
• Bluetooth-enabled
Cell Phone
Bluetooth Products 4
• Bluetooth-enabled Head
Set
Usage Models
• Cordless computer
• Ultimate headset
• Three-in-one phone
• Interactive conference (file transfer)
• Direct network access
• Instant postcard
Wireless Technologies
Optical 850
Spectrum 2.4GHz
nano meters
•Bluetooth security
Security of Bluetooth
• Problems with E0
• PIN
• Problems with E1
• Location privacy
• Denial of service attacks
Problems with E0
• Given all cryptographic primitives (E0,
E1, E21, E22) used in Bluetooth
Pairing/Bonding and authentication
process the Bluetooth PIN can be
cracked ? – Focus on short PIN now.
• Output (KC) = combination of 4 LFSRs
(Linear Feedback Shift Register)
• Key (KC) = 128 bits
• Best attack: guess some registers
PIN
• Some devices use a fixed PIN
(default=0000)
• Security keys = security PIN !!!!
• Possible to check guesses of PIN (SRES)
-> brut force attack
• Weak PINs (1234, 5555, …
Problems with E1
• E1 = SAFER+
• In cryptography, SAFER (Secure And Fast Encryption
Routine) is the name of a family of block ciphers The
early SAFER K and SAFER SK designs share the same
encryption function, but differ in the number of rounds
and the key schedule. More recent versions — SAFER+
and SAFER++ —
• All of the algorithms in the SAFER family are
unpatented and available for unrestricted use.