Simple Bluetooth Security Manager based on the Open Bluetooth stack Dec. 18. 2001 Jongbae Park (+82-42-866-6162 )


2 Contents Bluetooth Introduction Bluetooth security architecture Axis Bluetooth stack Simple Security Manager Implementation Result

What Is an Emerging Technology Called Bluetooth?

4 Bluetooth Nobody loves wires! Forget Plug and Play - just Play 1Mbps(Sync), 723kbps(Async) 2.4GHz ISM band 1 or 100mW, 10 m, ~ 4 3 voice channels 8 participants in a piconet : a short-range radio technology for integration into mobile and handheld devices that is targeted to replace cables.

5 What Does Bluetooth Wireless Technology Do For You? Landline Data/Voice Access Points Personal Ad-hoc Networks Cable Replacement

6 PAN WG

7 IF/RF (BT1/BT2) Baseband (BT1/BT2) Bluetooth Protocol Stack

8 Bluetooth Products T39 T28 w/ Adapter R520

9 Products 3Com PC Card, USB Adapter - CSR, Parthus ATO Headset - Ericsson Axis AP Brain Boxes – PC Card, RS232 Adapter, CF Card - CSR, Socket Comm.

Bluetooth security architecture

11 Bluetooth security architecture
3 Security modes are defined
    Security Mode 1: non-secure
    Security Mode 2: service level enforced security
    Security Mode 3: link level enforced security
Security Mode 2
    Bluetooth device initiates security procedures after the channel is established (at the higher layers).
Security Mode 3
    Bluetooth device initiates security procedures before the channel is established (at the lower layers).

12 Bluetooth security architecture Example Bluetooth Security Architecture

13 Bluetooth security architecture
1. Store security-related information on services & devices
2. Answer access requests by protocol implementations or applications (either access granted or refused)
3. Enforce authentication and/or encryption before connecting to the application.
4. Initiate or process input from the device user to set up trusted relationships on device level.
5. Initiate pairing and query PIN entry by the user. PIN entry might also be done by an application.
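One way to express the access decision that items 1 to 3 above describe, as an added example that is not from the slides or the OpenBT sources. All type, function and constant names are hypothetical; the service rows use the standard L2CAP PSMs for SDP (0x0001) and RFCOMM (0x0003), and the device row is constructed sample data that reuses the BD_addr printed in the result log.

```c
#include <stddef.h>
#include <string.h>

/* All names here are hypothetical; none are OpenBT identifiers. */
enum { REQ_AUTHENTICATION = 1, REQ_AUTHORIZATION = 2, REQ_ENCRYPTION = 4 };
enum access { ACCESS_REFUSED = 0, ACCESS_GRANTED = 1 };

struct service { unsigned psm; unsigned required; };        /* service database row */
struct device  { unsigned char bd_addr[6]; int trusted; };  /* device database row */
struct link    { int authenticated; int encrypted; };       /* state of the ACL link */

/* Constructed sample databases. */
static const struct service services[] = {
    { 0x0001, 0 },                                           /* SDP: open service */
    { 0x0003, REQ_AUTHENTICATION | REQ_AUTHORIZATION | REQ_ENCRYPTION }, /* RFCOMM */
};
static const struct device devices[] = {
    { { 0x73, 0x85, 0x58, 0x8c, 0x40, 0x00 }, 1 },          /* paired and trusted */
};

static const struct device *find_device(const unsigned char *bd_addr) {
    for (size_t i = 0; i < sizeof devices / sizeof devices[0]; i++)
        if (memcmp(devices[i].bd_addr, bd_addr, 6) == 0)
            return &devices[i];
    return NULL;
}

/* Bitmask of requirements still unmet; all bits set for an unknown service. */
unsigned unmet_requirements(unsigned psm, const unsigned char *bd_addr,
                            const struct link *l) {
    for (size_t i = 0; i < sizeof services / sizeof services[0]; i++) {
        if (services[i].psm != psm) continue;
        unsigned need = services[i].required;
        const struct device *d = find_device(bd_addr);
        if (l->authenticated)
            need &= ~(unsigned)REQ_AUTHENTICATION;
        if (l->authenticated && l->encrypted)       /* encryption needs a link key */
            need &= ~(unsigned)REQ_ENCRYPTION;
        if (l->authenticated && d && d->trusted)    /* only trusted devices pass */
            need &= ~(unsigned)REQ_AUTHORIZATION;
        return need;
    }
    return ~0u;                                     /* default deny */
}

enum access sec_access_check(unsigned psm, const unsigned char *bd_addr,
                             const struct link *l) {
    return unmet_requirements(psm, bd_addr, l) ? ACCESS_REFUSED : ACCESS_GRANTED;
}
```

The bitmask from unmet_requirements() tells the caller which procedure (authentication, encryption) to run before asking again, which is the enforcement step in item 3.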

14 AXIS BLUETOOTH STACK The AXIS OpenBT Stack Implementation of Bluetooth stack for Linux. Bluetooth Driver for Linux Kernel v2.0, v2.2 and v2.4

15 AXIS BLUETOOTH STACK Structure of AXIS Openbt bluetooth Stack

16 AXIS BLUETOOTH STACK- Security

17 AXIS BLUETOOTH STACK- Sec_manager
Function name / Description
sec_client_shutdown
    static void sec_client_shutdown()
    security_query.originator = KERNEL
    If the kernel version is defined, prints the "wake_up process~~" message.
sec_man_init
    static void sec_man_init(enum security_requests user)
    If the kernel version is defined, calls open_socket().

18 AXIS BLUETOOTH STACK- Sec_manager
sec_man_check
    static void sec_man_check(enum security_requests user, BD_ADDR bd_addr, u32 service_data, u32 user_data)
    If the kernel version is defined: when sec_man_sock is less than 0 (that is, there is no security manager), prints an error message.
    If the kernel version is not defined: calls sec_man_doquery().
sec_man_event
    static void sec_man_event(enum security_requests user, BD_ADDR bd_addr, u8 event, u8 *param, u8 param_len)

19 AXIS BLUETOOTH STACK- Sec_manager
    Compares param_len with MAX_EVENT_DATA_LENGTH. If param_len is larger, prints "event data length too long" and memcpy's MAX_EVENT_DATA_LENGTH bytes of param into security_query.event_param. Otherwise it memcpy's param_len bytes.
    Calls sec_man_doquery().
open_socket
    int open_socket(char *name)
    Opens a socket. If the connection is less than 0 the socket cannot be opened, so it prints an error message saying that the security manager cannot be used.
sec_man_proc_dir_entry_read

20 AXIS BLUETOOTH STACK- Sec_manager
    static s32 sec_man_proc_dir_entry_read(char *buf, char **start, off_t offset, s32 len, s32 unused)
    Calls sec_man_read().
sec_man_read
    static s32 sec_man_read(struct inode *inode, struct file * file, char * buf, s32 count)
    If security_query.originator is not BT_SEC_MAN, prints a "no response" message and calls interruptible_sleep_on().

21 AXIS BLUETOOTH STACK- Sec_manager
sec_man_write
    static s32 sec_man_write(struct inode *inode, struct file * file, const char * buf, s32 count)
    If sec_hdl->originator == BT_SEC_MAN (a new request can be accepted), sets security_query.originator = SEC_CLIENT, then:
    if sec_hdl->request_type is L2CAP -> calls l2cap_process_sec_man_response()
    if sec_hdl->request_type is RFCOMM -> calls rfcomm_process_sec_man_response()
sec_man_doquery
    static s32 sec_man_doquery(s32 fd, u8 *request)
    Reads as many bytes as the size of security_query from sec_man_sock and stores them in request.

22 AXIS BLUETOOTH STACK- Sec_manager
    n = the number of bytes read from sec_man_sock, up to BUFFER_SIZE, and stored in tmpbuf.
    If n is smaller than the size of security_query, prints that a response of db_hdl -> len was made.
    if sec_hdl->request_type is L2CAP -> calls l2cap_process_sec_man_response()
    if sec_hdl->request_type is RFCOMM -> calls rfcomm_process_sec_man_response()
sec_client_shutdown
    static void sec_client_shutdown ( )
    Prints a message saying that the wake_up process is awakening.

23 AXIS BLUETOOTH STACK- Sec_manager
init_link_key_list
    static void init_link_key_list ( )
        link_key_list.first = NULL;
        link_key_list.last = NULL;
        link_key_list.cur = NULL;
        link_key_list.count = 0;
free_link_key_list
    static void free_link_key_list ( )
    Calls delete_link_key ( ).

24 AXIS BLUETOOTH STACK- Sec_manager
create_link_key
    link_key_information_type* create_link_key(unsigned char *bd_addr, unsigned char *link_key_str)
    Checks the size of the link key list and prints whether a new link key element can be allocated.
    If link_key_list.count equals MAX_LINKKEYLISTSIZE, a "connection list full" error message is shown.
get_next_link_key
    link_key_information_type* get_next_link_key(link_key_information_type* link_key)
    If link_key_list.first equals link_key->next, returns NULL.

25 AXIS BLUETOOTH STACK- Sec_manager
insert_link_key
    static void insert_link_key(link_key_information_type *new_link_key)
    If the list is empty:
        link_key_list.first = new_link_key;
        link_key_list.cur = new_link_key;
        link_key_list.last = new_link_key;
        link_key_list.count++;
        new_link_key->next = link_key_list.first; /* Point at itself */
        new_link_key->prev = link_key_list.first;

26 AXIS BLUETOOTH STACK- Sec_manager
    If the list is not empty:
        old_link_key = link_key_list.first; /* mark old link_key first */
        new_link_key->next = old_link_key;
        link_key_list.last->next = new_link_key;
        old_link_key->prev = new_link_key;
        new_link_key->prev = link_key_list.last;
        link_key_list.cur = new_link_key; /* Set current to new element */
        link_key_list.first = new_link_key; /* Set first to new element */
        link_key_list.count++;
delete_link_key
    static s32 delete_link_key(link_key_information_type *link_key)

27 AXIS BLUETOOTH STACK- Sec_manager
    Deletes the element and updates the pointers.
    If it is the last element (link_key_list.count == 1):
        link_key_list.count--;
        link_key_list.first = NULL;
        link_key_list.cur = NULL;
        link_key_list.last = NULL;
        kfree(link_key);
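A user-space sketch of the circular link key list shown on the slides above, added here as an example and not taken from the OpenBT sources. It goes beyond the slides by adding lookup by BD_ADDR, removal of any element, and wiping the key material before the element is freed; the function and type names and the list limit of 3 are assumptions.

```c
#include <stdlib.h>
#include <string.h>
#define BD_ADDRESS_SIZE     6
#define LINK_KEY_SIZE       16
#define MAX_LINKKEYLISTSIZE 3   /* assumed limit for this example */

typedef struct link_key_info {
    unsigned char bd_addr[BD_ADDRESS_SIZE], link_key[LINK_KEY_SIZE];
    struct link_key_info *next, *prev;
} link_key_info;
static struct { link_key_info *first; int count; } key_list;

link_key_info *find_link_key(const unsigned char *bd_addr) {
    link_key_info *p = key_list.first;
    for (int i = 0; i < key_list.count; i++, p = p->next)  /* bounded ring walk */
        if (memcmp(p->bd_addr, bd_addr, BD_ADDRESS_SIZE) == 0)
            return p;
    return NULL;
}

int store_link_key(const unsigned char *bd_addr, const unsigned char *key) {
    link_key_info *e = find_link_key(bd_addr);
    if (!e) {                                  /* new device: insert at the head */
        if (key_list.count >= MAX_LINKKEYLISTSIZE || !(e = calloc(1, sizeof *e)))
            return -1;                         /* list full or out of memory */
        memcpy(e->bd_addr, bd_addr, BD_ADDRESS_SIZE);
        e->next = key_list.first ? key_list.first : e;
        e->prev = key_list.first ? key_list.first->prev : e;
        e->prev->next = e;
        e->next->prev = e;
        key_list.first = e;
        key_list.count++;
    }
    memcpy(e->link_key, key, LINK_KEY_SIZE);   /* re-pairing replaces the old key */
    return 0;
}

int remove_link_key(const unsigned char *bd_addr) {
    link_key_info *e = find_link_key(bd_addr);
    if (!e) return -1;
    e->prev->next = e->next;                   /* unlink; a no-op when e is alone */
    e->next->prev = e->prev;
    if (key_list.first == e)
        key_list.first = (key_list.count == 1) ? NULL : e->next;
    key_list.count--;
    volatile unsigned char *v = (volatile unsigned char *)e;
    for (size_t i = 0; i < sizeof *e; i++) v[i] = 0;  /* wipe the key before freeing */
    free(e);
    return 0;
}
```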

28 AXIS BLUETOOTH STACK- Sec_manager
sec_man_create_proc_file
    static s32 sec_man_create_proc_file(void)
    Initializes the wait queue -> calls init_waitqueue_head ().
    If the proc entry is registered successfully (by calling create_proc_entry ()), sets the required structure information.
sec_man_remove_proc_file
    static s32 sec_man_remove_proc_file (void)
    If LINUX_VERSION_CODE >= KERNEL_VERSION(2,4,0), calls remove_proc_entry (). Otherwise calls proc_unregister().

29 AXIS BLUETOOTH STACK- Sec_manager
sec_man_get_cached_link_key
    static void sec_man_get_cached_link_key(u8 *param)
    Calls get_first_link_key ().
    If the link key is not null, memcpy's BD_ADDRESS_SIZE bytes of link_key->bd_addr into param, then memcpy's LINK_KEY_SIZE bytes of link_key->link_key to param + BD_ADDRESS_SIZE.
    If the link key is null, performs a memset.

30 AXIS BLUETOOTH STACK- Sec_manager
HCI: process_event, REMOTE_NAME_REQUEST_COMPLETE AXIS 9010 ( )
HCI: send_cmd_queue, start: Num_HCI_Command_Packets=1
BT DATA <--|X| 8
HCI: send_cmd_queue, end : 0 cmds left in queue
HCI: send_acl_data_task, 0 bytes
BT DATA -->|X| 9 hci_receive_data, hci-9
HCI: hci_receive_data, WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data, WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data, WAIT_FOR_EVENT_LENGTH
HCI: process_event, COMMAND_COMPLETE
HCI: process_return_param, WRITE_LINK_POLICY_SETTINGS
HCI: update_nhcp, Num_HCI_Command_Packets=1
HCI: send_cmd_queue, start: Num_HCI_Command_Packets=1
HCI: send_cmd_queue, end : 0 cmds

31 Result
left in queue
BT DATA -->|X| 9 hci_receive_data, hci-9
HCI: hci_receive_data, WAIT_FOR_PACKET_TYPE
HCI: hci_receive_data, WAIT_FOR_EVENT_TYPE
HCI: hci_receive_data, WAIT_FOR_EVENT_LENGTH
HCI: process_event, PIN_CODE_REQUEST
forwarding event to security manager
Called my_sec_man
We are in SEC_MAN_LOOPBACK mode...

32 Result
-> We are in SEC_MAN_LOOPBACK mode...
hci_pin_code_request_reply New pin is (3): 0x31 0x32 0x33
hci_pin_code_request_reply BD_addr (6): 0x73 0x85 0x58 0x8c 0x40 0x00
hci_pin_code_request_reply, pin (3): 0x31 0x32 0x33
HCI: start_cmd_timer
HCI: insert_cmd
Aiee: scheduling in interrupt
Aiee: scheduling in interrupt
Aiee: scheduling in interrupt
Aiee: scheduling in interrupt
Aiee: scheduling in interrupt
Aiee: scheduling in interrupt
Aiee: scheduling in interrupt

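33 Result
my sec_manager:
void my_sec_man(BD_ADDR bd_addr)
{
        BD_ADDR address;
        char pin[ ] = "123";    /* fixed PIN; appears in the log as 0x31 0x32 0x33 */
        char len = 3;           /* PIN length in bytes */

        printk("We are in SEC_MAN_LOOPBACK mode...\n");
        /* Copy the address of the device that triggered the PIN_CODE_REQUEST */
        memcpy(address, bd_addr, BD_ADDRESS_SIZE);
        /* Answer the request with the fixed PIN */
        hci_pin_code_request_reply(address, pin, len);
}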