An Analysis of Bluetooth Security


1 An Analysis of Bluetooth Security
Jaymin Shah Sushma Kamuni

2 Introduction
Bluetooth is an open wireless protocol for exchanging data over short distances from fixed and mobile devices, creating personal area networks.
It acts as a reliable source of transmission for voice and data.

3 Designed to operate in the ISM band
Gaussian Frequency Shift Keying is used
Data rate of 1 Mb/sec can be achieved
Features: Low cost, low power and robustness
Class Range (meters) Max. Power (mW) 1 100 2 10 2.5 3

4 Bluetooth Security
Authentication: Verifies the identity of the devices that are communicating in the channel.
Confidentiality: Protects the data from an attacker by allowing only authorized users to access the data.
Authorization: Only authorized users have control over the resources.

5 Security features of Bluetooth
Security Mode 1: Non-Secure Mode
Security Mode 2: Service level enforced security mode
Security Mode 3: Link-level enforced security mode
Mode 1 – Non-secure mode: There is no authentication or encryption in this mode. A Bluetooth device can easily be connected with other devices.
Mode 2 – Service level enforced security mode (Flexible/Policy Based): Access control and the interfaces with other protocols and device users are managed by a centralized security manager. Different policies and ‘trust’ levels can be defined for different kinds of security needs operating in parallel.
Mode 3 – Link level enforced security mode (Fixed): In contrast to mode 2, the security procedure is initiated before the channel is established. This is a built-in security mechanism that offers authentication (unidirectional or mutual) and encryption based on the secret key shared by the pair of devices. The key is generated by the pairing procedure when two devices communicate with each other.

6 Link Key Generation
The link key is generated in the initialization phase. Two devices bond with each other and derive link keys when the user enters an identical key into both devices. It is shown in the figure. At the end of initialization, the devices authenticate each other and perform encryption of links. The PIN used in initialization may be from 1 byte to 16 bytes long; a longer code may provide more security.

7 Authentication
First, the claimant transmits its 48-bit address (BD_ADDR) to the verifier.
The verifier responds by sending a 128-bit random challenge (AU_RAND).
Using the algorithm E1, the verifier computes the authentication response with the address, link key and random challenge as input. The claimant performs the same operation.
The claimant returns the response, SRES, to the verifier.
The verifier compares its own response with the response of the claimant.
If the two 32-bit SRES values are equal, the verifier continues the connection.

8 Authentication Summary
[Figure: Authentication Process. The claimant sends BD_ADDR_B, the verifier sends AU_RAND, the claimant returns SRES, and the verifier calculates SRES' and reports success if they match.]
Parameter | Length | Secrecy parameter
Device Address | 48 Bits | Public
Random Challenge | 128 Bits |
Authentication (SRES) Response | 32 Bits |
Link Key | 128 Bits | Secret
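The challenge-response exchange from slides 7 and 8, run in both directions, as an added example that is not part of the original presentation. E1 is replaced here by a stand-in (HMAC-SHA256 truncated to 32 bits), not the real Bluetooth algorithm; the Device class, its method names and the sample addresses and keys are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

AU_RAND_LEN, SRES_LEN = 16, 4   # 128-bit challenge, 32-bit response


def e1_stand_in(link_key: bytes, au_rand: bytes, bd_addr: bytes) -> bytes:
    """Stand-in for E1 (assumption: HMAC-SHA256 truncated to 32 bits, not the real E1)."""
    if len(link_key) != 16 or len(au_rand) != AU_RAND_LEN or len(bd_addr) != 6:
        raise ValueError("expected 128-bit key, 128-bit AU_RAND, 48-bit BD_ADDR")
    return hmac.new(link_key, au_rand + bd_addr, hashlib.sha256).digest()[:SRES_LEN]


class Device:
    """Hypothetical device model holding a BD_ADDR and the link key from pairing."""

    def __init__(self, bd_addr: bytes, link_key: bytes):
        self.bd_addr, self.link_key = bd_addr, link_key
        self._pending = {}          # claimant BD_ADDR -> outstanding AU_RAND

    def challenge(self, claimant_addr: bytes) -> bytes:
        """Verifier: issue a fresh AU_RAND for the address the claimant sent."""
        self._pending[claimant_addr] = secrets.token_bytes(AU_RAND_LEN)
        return self._pending[claimant_addr]

    def respond(self, au_rand: bytes) -> bytes:
        """Claimant: compute SRES over its own address and the challenge."""
        return e1_stand_in(self.link_key, au_rand, self.bd_addr)

    def verify(self, claimant_addr: bytes, sres: bytes) -> bool:
        """Verifier: compute SRES' and compare; each challenge is single-use."""
        au_rand = self._pending.pop(claimant_addr, None)
        if au_rand is None:
            return False            # no outstanding challenge: replayed or unsolicited
        expected = e1_stand_in(self.link_key, au_rand, claimant_addr)
        return hmac.compare_digest(expected, sres)


def authenticate(verifier: Device, claimant: Device) -> bool:
    """One-way authentication: the verifier checks the claimant only."""
    au_rand = verifier.challenge(claimant.bd_addr)
    return verifier.verify(claimant.bd_addr, claimant.respond(au_rand))


def mutual_authenticate(a: Device, b: Device) -> bool:
    """Run the exchange in both directions so each side proves the link key."""
    return authenticate(a, b) and authenticate(b, a)


# Constructed sample values: two paired devices and one that lacks the link key.
KEY = bytes(range(16))
A = Device(bytes.fromhex("00a0c6000001"), KEY)
B = Device(bytes.fromhex("00a0c6000002"), KEY)
C = Device(B.bd_addr, bytes(16))   # claims B's address, wrong key
```

Here authenticate(A, C) fails because C lacks the link key, and presenting the same SRES to verify a second time fails because the challenge is consumed on first use.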

9 Confidentiality
The confidentiality security service protects against eavesdropping attacks on the air interface.

10 Bluetooth Encryption Process
Encryption Mode 1: No encryption is needed.
Encryption Mode 2: Encrypted using link keys.
Encryption Mode 3: All traffic is encrypted.

11 Trust levels, service levels and authentication
Service level 1: Requires authentication and authorization.
Service level 2: Requires only authentication.
Service level 3: Open to all Bluetooth devices.

12 Problems with the standard Bluetooth Security
Security Issue | Remarks
Strength of the Random Number Generator (RNG) is unknown. | RNG may produce periodic numbers that reduce the strength of the authentication mechanism.
Short PINs are allowed. | Such weak PINs are used to generate link and encryption keys that are easily predictable.
Encryption key length is negotiable. | More robust initialization key generation procedure should be developed.
No user authentication exists. | As only device authentication is provided, application security and user authentication can be employed.
Stream cipher is weak and key length is negotiable. | Robust encryption procedure and minimum key length should be decided and passed as an agreement.

13 Security Issue Remarks
Privacy can be compromised if the BD_ADDR is captured and associated with a particular user. | Once the BD_ADDR is associated with a particular user, that user’s activity can be logged, resulting in a loss of privacy.
Device authentication is simple shared key challenge response. | One-way authentication may be subjected to man-in-the-middle attacks. Mutual authentication is a good idea to provide verification.

14 Security Threats
Denial of service: Makes the device unusable and drains the mobile device battery.
Fuzzing attacks: Sending malformed messages to the Bluetooth device.
Bluejacking: Causes harm when the user sends the data to the other user.
Bluesnarfing: Uses IMEI identifier to route all the incoming calls.

15 Man-in-the-middle
Step 1: Device A shares a separate unit key with device B (trusted device) and shares some trusted information.
Step 2: Device A shares a unit key with device C (untrusted device), which is separate from device A and device B.
Step 3: The man-in-the-middle, that is Device C, fakes the secret key to encrypt the messages that are being transmitted between Devices A and B.
Step 4: Device C traces all the data that is being transmitted between devices A and B.

16 Future
Broadcast Channel: Adoption of Bluetooth in the mobile phones from the Bluetooth information points.
Topology Management: Configuration should be invisible and the messages to the users in the scatternet.
Quality of Service: Video and audio transmission of data with high quality.


