An Analysis of Bluetooth Security Team A: Padmaja Sriraman Padmapriya Gudipati Sreenivasulu Lekkala
Introduction
• Short-range radio technology that uses a wireless protocol.
• Can transmit data up to 100 meters.
• Composed of 8 active devices which share a master-slave relationship.
• Developed by the Bluetooth Special Interest Group (SIG).
Types of keys
• Link key
  • Semi transparent: unit key, combination key
  • Temporary key: initialization key, master key
• Ciphering key
  • Encryption key
  • Constrained encryption key
  • Payload key
Security Architecture
• Generation of initialization key
• Authentication
• Generation of link key
• Link key exchange
• Generation of encryption key
Key Pairing
• Generation of initialization key: a method similar to the SAFER+ block cipher is used. The inputs to this method are the public address of the Bluetooth unit, the PIN, the length of the PIN and a random number.
• Authentication: this process is a challenge-response scheme.
• Link key generation: one of the link key types is generated.
• Link key exchange: the generated key is exchanged.
• Generation of encryption key: cipher keys are used for encryption of data.
Modes of Operation
• Mode 1 – No security. Authentication and encryption are bypassed.
• Mode 2 – Service level security. Used after the link connection is established.
• Mode 3 – Link level security. Uses the link keys.
• Mode 4 – Similar to Mode 2 but with enhanced security techniques.
Eavesdropping
• Attacker can see and change the payload
• Easy when it is not encrypted
• One solution is frequency hopping technology
• 2.4 GHz ISM band, which is license free
• Hops between frequencies in pseudo-random order
• Difficult to pick up the signal
Impersonation
• Receivers want to be sure that they receive from the original sending party
• Attacker impersonates the sending unit
• Needs to give the correct response to the challenge
• Not easy: no attack on SAFER+ is known
• Changes the payload data
• Easy if no encryption: manipulate the CRC
• Since CRC calculation is a linear task
• Attacker can compute how to modify the CRC according to the modification to the encrypted data
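The linearity point above is what makes a CRC useless as integrity protection. The following added example (not from the slides) checks the affine property of CRC-32 on constructed sample payloads and shows that a keyed MAC (HMAC-SHA256, the substitute assumed here for a proper integrity tag) does not have that property, so a modified payload fails verification:

```python
# Added example, not from the slides: CRC-32 (zlib.crc32) is affine over
# GF(2), so for equal-length inputs crc(a ^ b) == crc(a) ^ crc(b) ^ crc(zeros).
# A keyed MAC has no such relation.  Key and payloads are constructed data.
import hashlib
import hmac
import zlib


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def crc_is_linear(a: bytes, b: bytes) -> bool:
    """True when CRC-32 satisfies the affine relation for this pair, i.e. the
    checksum of a modified payload is predictable from the modification alone."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    zeros = bytes(len(a))
    return zlib.crc32(xor_bytes(a, b)) == (
        zlib.crc32(a) ^ zlib.crc32(b) ^ zlib.crc32(zeros)
    )


def mac_tag(key: bytes, payload: bytes) -> bytes:
    """Keyed integrity tag (HMAC-SHA256) to use instead of a bare CRC."""
    return hmac.new(key, payload, hashlib.sha256).digest()


def mac_is_linear(key: bytes, a: bytes, b: bytes) -> bool:
    """The same relation tested against the MAC; it does not hold, so the tag
    of a modified payload cannot be predicted without the key."""
    zeros = bytes(len(a))
    predicted = xor_bytes(
        xor_bytes(mac_tag(key, a), mac_tag(key, b)), mac_tag(key, zeros)
    )
    return predicted == mac_tag(key, xor_bytes(a, b))


def verify(key: bytes, payload: bytes, tag: bytes) -> bool:
    """Constant-time check of a received payload against its tag."""
    return hmac.compare_digest(mac_tag(key, payload), tag)


if __name__ == "__main__":
    key = b"constructed-demo-key"
    payload = b"TRANSFER 0100 TO ACCT 42"          # constructed 24-byte message
    delta = bytes([0] * 9 + [9] + [0] * 14)        # flips "0100" to "9100"
    tampered = xor_bytes(payload, delta)
    print("CRC-32 affine relation holds:", crc_is_linear(payload, delta))
    print("HMAC affine relation holds:  ", mac_is_linear(key, payload, delta))
    print("tampered payload verifies:   ", verify(key, tampered, mac_tag(key, payload)))
```

The design point: any integrity check that is linear in the data (CRC, plain XOR checksums) lets a bit flip in the message be mirrored by a computable change in the check value, which is why encrypted links still need a keyed, non-linear tag.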
Combination key generation: K = current link key, KAB = combination key.
Pairing
• Can be prone to attack if it is done in public places
• The current link key used to generate the combination key, KAB, is derived as KINT = E22(BD_ADDR_A, IN_RAND, PKEY)
• PKEY is the secret pass key
• If an attacker can guess PKEY, he can calculate the combination key
• If PKEY is short, it becomes easy to guess it
Authentication (Challenge-Response)
• The verifier sends the challenge AU_RAND to the claimant (BD_ADDR_B)
• The claimant computes SRES = E1(KAB, AU_RAND, BD_ADDR_B) and returns it
• The verifier calculates SRES' with the same inputs; success if SRES' == SRES
• If PKEY is small, an attacker can try possible values to get a match between SRES' and SRES
• Short passkey values should be avoided
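The pairing and challenge-response steps on the last three slides, run end to end as an added example (not from the slides). The real E22 and E1 functions are SAFER+ based; this code substitutes an HMAC-SHA256 stand-in for each so the exchange runs offline, which is an assumption, as are the addresses, PINs and random values, all constructed sample data. The pass-key policy check at the end implements the "short passkey values should be avoided" bullet with an assumed 8-digit minimum:

```python
# Added example, not from the slides: simulation of initialization-key
# derivation (E22) and challenge-response authentication (E1).  The real
# algorithms are SAFER+ based; HMAC-SHA256 stands in for both here.
import hashlib
import hmac
import secrets


def e22_stand_in(bd_addr: bytes, in_rand: bytes, pkey: bytes) -> bytes:
    """Stand-in for E22: derive KINT from the unit address, the exchanged
    random number, the PIN and its length (the inputs the slides list)."""
    msg = bd_addr + in_rand + bytes([len(pkey)]) + pkey
    return hmac.new(b"E22-stand-in", msg, hashlib.sha256).digest()[:16]


def e1_stand_in(link_key: bytes, au_rand: bytes, bd_addr: bytes) -> bytes:
    """Stand-in for E1: a 32-bit SRES response to the challenge AU_RAND."""
    return hmac.new(link_key, au_rand + bd_addr, hashlib.sha256).digest()[:4]


def pair(bd_addr_a: bytes, in_rand: bytes, pkey: bytes) -> bytes:
    """Both units run this with the same public inputs; only a unit that
    knows PKEY ends up with the same initialization key."""
    return e22_stand_in(bd_addr_a, in_rand, pkey)


def authenticate(verifier_key: bytes, claimant_key: bytes,
                 bd_addr_b: bytes, au_rand: bytes = None) -> bool:
    """One challenge-response round.  The verifier picks a fresh AU_RAND,
    the claimant answers with SRES, the verifier compares it with SRES'."""
    if au_rand is None:
        au_rand = secrets.token_bytes(16)                         # verifier's challenge
    sres = e1_stand_in(claimant_key, au_rand, bd_addr_b)          # claimant side
    sres_prime = e1_stand_in(verifier_key, au_rand, bd_addr_b)    # verifier side
    return hmac.compare_digest(sres, sres_prime)


def passkey_is_acceptable(pkey: str, min_digits: int = 8) -> bool:
    """Policy check: reject short numeric pass keys.  The 8-digit minimum is
    an assumed local policy value, not a Bluetooth specification constant."""
    return pkey.isdigit() and len(pkey) >= min_digits


if __name__ == "__main__":
    bd_addr_a = bytes.fromhex("001122334455")    # constructed address of unit A
    bd_addr_b = bytes.fromhex("66778899aabb")    # constructed address of unit B
    in_rand = bytes(range(16))                   # constructed IN_RAND
    k_ab = pair(bd_addr_a, in_rand, b"83749182")
    k_wrong = pair(bd_addr_a, in_rand, b"83749183")   # PKEY off by one digit
    print("genuine claimant   :", authenticate(k_ab, k_ab, bd_addr_b))
    print("wrong pass key     :", authenticate(k_ab, k_wrong, bd_addr_b))
    print("'1234' acceptable  :", passkey_is_acceptable("1234"))
```

Because SRES depends only on KAB, AU_RAND and the claimant's address, every quantity except KAB crosses the air in clear, which is why the slides tie the strength of the whole exchange to the length of PKEY.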
Improper key storage
• Disclosure of keys
• Malicious USB plugs, viruses, Trojan horses
• Device should be paired only with hosts it is allowed on
• Host should communicate only with trusted parties
• Adding a link key to the database without pairing
• Device assumes that a valid bonding exists
• Restrict the access
• Encrypt the database
Improper key storage (contd.)
• Denial of service
• Delete or corrupt the link keys in the database
• Change the CRC along with the keys
• Authentication fails repeatedly, waiting time increases
• Solution is to request a new pairing
• Need to provide good integrity protection to the database
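One way to give the link key database the integrity protection the last bullet asks for, as an added example that is not from the slides: an HMAC over the serialized entries is recomputed on every access, so a deleted or corrupted entry (the denial-of-service case) is caught before a failing authentication loop starts, and an entry can only be created when pairing has actually completed. The store key, addresses and link keys are constructed sample values, and the store key is assumed to live in protected host storage:

```python
# Added example, not from the slides: a link-key database with an HMAC over
# its contents.  Corruption or deletion of entries is detected before use,
# and entries cannot be added without a completed pairing.
import hashlib
import hmac
import json
from typing import Dict, Optional


class LinkKeyStore:
    def __init__(self, store_key: bytes):
        self._store_key = store_key            # assumed to be held in protected storage
        self._entries: Dict[str, str] = {}     # BD_ADDR (hex) -> link key (hex)
        self._tag = self._compute_tag()

    def _compute_tag(self) -> bytes:
        """HMAC-SHA256 over a canonical serialization of all entries."""
        canonical = json.dumps(self._entries, sort_keys=True).encode()
        return hmac.new(self._store_key, canonical, hashlib.sha256).digest()

    def integrity_ok(self) -> bool:
        """True only if the stored tag still matches the current contents."""
        return hmac.compare_digest(self._compute_tag(), self._tag)

    def add(self, bd_addr: str, link_key: bytes, pairing_completed: bool) -> None:
        """Create a bonding entry; refused unless pairing actually completed."""
        if not pairing_completed:
            raise PermissionError("refusing to add a link key without pairing")
        if not self.integrity_ok():
            raise ValueError("database failed integrity check; request new pairing")
        self._entries[bd_addr.lower()] = link_key.hex()
        self._tag = self._compute_tag()

    def lookup(self, bd_addr: str) -> Optional[bytes]:
        """Return the link key for a bonded device, or None if not bonded.
        Raises instead of returning a possibly corrupted key."""
        if not self.integrity_ok():
            raise ValueError("database failed integrity check; request new pairing")
        hexkey = self._entries.get(bd_addr.lower())
        return bytes.fromhex(hexkey) if hexkey else None

    def simulate_corruption(self, bd_addr: str) -> None:
        """Demonstration helper only: delete an entry behind the store's back,
        as a malicious program with write access to the file would."""
        self._entries.pop(bd_addr.lower(), None)


if __name__ == "__main__":
    store = LinkKeyStore(b"constructed-store-key")
    store.add("001122334455", bytes.fromhex("00" * 16), pairing_completed=True)
    print("integrity ok after pairing:", store.integrity_ok())
    store.simulate_corruption("001122334455")
    print("integrity ok after tampering:", store.integrity_ok())
    try:
        store.lookup("001122334455")
    except ValueError as err:
        print("lookup refused:", err)
```

Detecting the corruption up front turns the slide's "authentication fails repeatedly, waiting time increases" symptom into a single, explicit request for a new pairing, and keeps an attacker-planted entry from ever being treated as a valid bonding.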
Location Tracking
• Tracking users' movements by tracking their Bluetooth device
• Bluetooth access codes CAC, LAC and IAC are derived from the device address
• These codes help in tracking
• To prevent this, devices operate in anonymity mode, updating their device address randomly
Implementation flaws
• Key database management, user interaction, memory protection
• Snarf attack – set up a connection without consent or alerting
• Backdoor attack – erase the link from the list of paired devices but not from the database of the victim; the attacker then attacks the target
• Bluejacking – sending unsolicited messages to Bluetooth devices
Security for Bluetooth Applications How Bluetooth security should be used depends on the application. Some applications need more security design than others because they are more security sensitive. Here we discuss the security mechanisms for three different Bluetooth applications: Headset, Network Access and SIM Access.
Headset The Bluetooth headset profile is used for headset connections to mobile phones and laptops. The security association is used to authenticate and encrypt all communication between two Bluetooth wireless devices. Bluetooth pass-key usage can prevent illegal use of a stolen headset. A typical headset configuration consists of two devices, a headset (HS) and an audio gateway (AG). The AG is typically a cellular phone, laptop or PC. The communication between HS and AG is protected by the authentication and encryption mechanisms.
Headset (contd.) The HS and AG need to store the pass-keys and link keys for secure connections. The HS usually has no user interface, so the AG controls some of the basic settings of the HS (e.g. volume setting, changing the pass-key). Pairing succeeds only if the AG knows the correct pass-key of the HS. If the HS is stolen, the thief does not know the pass-key and will not succeed in connecting another AG to the HS.
Network Access Network access to an IP network in Bluetooth is provided through the PAN profile. Network access points (NAcPs) are connected to the LAN through a wired network on one side, and Bluetooth wireless devices connect on the other side. NAcPs can be reached by anybody because they are open, but the service is restricted by the service provider: only authorized persons are allowed to access the network. The suggested security architecture is built around the common access key (CAK) concept.
SIM Access The SIM (subscription identity module) access application is provided by a Bluetooth profile. A SIM card is an integrated circuit used in the GSM mobile telephone system to hold the subscriber information. The Bluetooth SIM access profile defines procedures and protocols for access to a remote SIM over a Bluetooth connection. The SIM is used for security-critical services, since the card holds secret keys and subscriber information.
Conclusion
• Bluetooth is a widely used technology for short-distance wireless communication
• It still has security loopholes, and research is going on to improve security