1 / 17

An Analysis of Bluetooth Security

An Analysis of Bluetooth Security. Jaymin Shah Sushma Kamuni. Introduction. Bluetooth It is an open wireless protocol for exchanging data over short distances from fixed and mobile devices, creating personal area network. Act as a reliable source of transmission for voice and data.

deborah
Download Presentation

An Analysis of Bluetooth Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Analysis of Bluetooth Security Jaymin Shah SushmaKamuni

  2. Introduction • Bluetooth • It is an open wireless protocol for exchanging data over short distances from fixed and mobile devices, creating personal area network. • Act as a reliable source of transmission for voice and data

  3. Designed to operate in the ISM band • Gaussian Frequency Shift Keying is used • Data rate of 1Mb/sec can be achieved • Features: Low cost, low power and robustness

  4. Bluetooth Security • Authentication:Verifies the identification of the devices that are communicating in the channel. • Confidentiality: Protecting the data from the attacker by allowing only authorized users to access the data. • Authorization: Only authorized users have control over the resources.

  5. Security features of Bluetooth • Security Mode 1: Non-Secure Mode • Security Mode 2: Service level enforced security mode • Security Mode 3: Link-level enforced security mode

  6. Link Key Generation

  7. Authentication

  8. Authentication Summary BD_ADDRB Verifier Claimant AU_RAND SRES Calculates SRES’ Success if match Authentication Process

  9. Confidentiality Confidentiality security service protects the eavesdropping attack on air-interface.

  10. Bluetooth Encryption Process • Encryption Mode 1: No encryption is needed. • Encryption Mode 2: Encrypted using link key keys. • Encryption Mode 3: All traffic is encrypted.

  11. Trust levels, service levels and authentication • Service level 1:Requires authentication and authorization. • Service level 2: Requires only authentication. • Service level 3: Open to all bluetooth devices.

  12. Problems with the standard Bluetooth Security

  13. Security Threats • Denial of service: Makes the device unusable and drains the mobile device battery. • Fuzzing attacks: Sending malformed messages to the bluetooth device. • Blue jacking: Causes harm when the user sends the data to the other user. • Blue snarfing: Uses IMEI identifier to route all the incoming calls.

  14. Man-in-the-middle

  15. Future • Broadcast Channel: Adoption of Bluetooth in the mobile phones from the Bluetooth information points. • Topology Management: Configuration should be invisible and the messages to the users in the scatternet. • Quality of Service: Video and audio transmission of data with high quality.

  16. References • http://www.bluetooth.com/Bluetooth/Technology/Basics.htm • http://en.wikipedia.org/wiki/Bluetooth • http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf • Software Security Technologies, A programmable approach, By Prof. Richard Sinn. • http://www.urel.feec.vutbr.cz/ra2008/archive/ra2006/abstracts/085.pdf • http://en.wikipedia.org/wiki/Bluetooth • http://csrc.nist.gov/publications/nistpubs/800-121/SP800-121.pdf

More Related