
Security of Bluetooth


Presentation Transcript


  1. Security of Bluetooth
     Máté Szalay, szalaym@hit.bme.hu
     Bluetooth Security

  2. Introduction
     • Wireless Standard
     • Piconet (8 devices)
     • Scatternet
     • Range: ~10m LOS
     • 1Mbps
     • 64k voice
     • 768k data
     • 2.4 GHz
     • v1.0, v1.1

  3. Bluetooth SIG
     • Special Interest Group
     • Founded in 1998
     • www.bluetooth.com
     • Members:
       • IBM, Intel, Microsoft
       • Ericsson, Nokia, Motorola
       • Agere, 3COM, Toshiba

  4. Bluetooth Devices
     • Cellular phones
     • Headsets
     • Earphones
     • Printers, keyboards
     • …

  5. Bluetooth Security Goals
     • Message Confidentiality
     • User Anonymity
     • Unique ID

  6. Modes of Operation - 1
     • Discoverable
       • Replies to everyone
       • Other piconet?
       • New device?
     • Non-Discoverable
       • Replies to devices already known

  7. Modes of Operation - 2
     • Connectable
       • Replies to queries from already discovered nodes
     • Non-Connectable
       • Does not reply

  8. Setting Up Communication
     • Two devices
     • Not yet seen each other
     • Symmetric link key is set up
     • No shared secret
     • PIN based
     • Man-in-the-middle attacks

  9. Setting Up Link Key
     • Two methods
     • 1. Insufficient Memory
       • Using the unit key as link key
       • Impersonation attacks!
     • 2. Sufficient Memory
       • Initialization key
       • Mutual Authentication
       • Exchange of random numbers
       • Link key generation

  10. Initialization Key Generation
     [Diagram between A and B. On each side: RND, a(B), PIN give IK; CH1, a(B), IK give RESP1 (RESP1’ on the other side). Messages between A and B: RND, CH1, RESP1, …]

  11. Link Key – Method 1
     • K_A is the link key
     • Can be different from unit key!
     [Diagram between A and B. Message: E_IK{K_A}]

  12. Link Key – Method 2
     • (LK_KaLK_Kb) is the link key
     • Mutual Verification
     [Diagram between A and B. randA, a(A) give LK_Ka; randB, a(B) give LK_Kb. Messages: E_IK{LK_Ka}, E_IK{LK_Kb}]

  13. Link Key - Attacks
     • Attacker obtains initialization key
     • PIN length!
     • Attacker obtains unit key
     • Link key computed from initialization key
     • Encryption keys are computed from link key

  14. Location - 1
     • Attacker traces movement of Bluetooth users
     • Owns or leases several Bluetooth devices
     • $10/device
     • Well placed (airports)
     • Records identities

  15. Location - 2
     • Discoverable mode
     • Non-discoverable mode
     • Wait for the user to initiate
     • Gaining control over user’s device
     • Controlling only user’s device

  16. Linking Identities
     • Consumer identity is known
     • e.g.: credit card transfer
     • Probabilistic matches

  17. Encryption Engine
     • 4 LFSRs
     • Lengths: 25, 31, 33, 39
     • Two 2-bit registers
     • Broken:
       • 2^100 time
       • 2^66 time + 2^66 memory

  18. Countermeasures
     • PIN length > 64 bit
     • Protecting unit keys
     • Application layer security
     • Replacing the Cipher

  19. Thank you for your attention!
     szalaym@hit.bme.hu
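Added example, not part of the presentation: the key setup of slides 10, 12 and 13 run for both devices, showing that every input to the link key except the PIN crosses the air, which is why slide 18 asks for a long PIN. Assumptions: HMAC-SHA256 stands in for Bluetooth's own key functions, E_IK{.} is modelled as an XOR pad, the two contributions are combined with XOR, and all function names and sample addresses are constructed.

```python
import hashlib, hmac, os

def prf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    # Assumption: HMAC-SHA256 cut to 128 bits stands in for Bluetooth's own
    # key functions; only the data flow follows the slides.
    msg = label + b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()[:16]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def init_key(pin: bytes, addr_b: bytes, rnd: bytes) -> bytes:
    return prf(pin, b"IK", addr_b, rnd)       # slide 10: RND, a(B), PIN -> IK

def response(ik: bytes, ch1: bytes, addr_b: bytes) -> bytes:
    return prf(ik, b"RESP", ch1, addr_b)      # slide 10: CH1, a(B), IK -> RESP1

def e_ik(ik: bytes, who: bytes, data: bytes) -> bytes:
    # E_IK{.} modelled as XOR with an IK-derived pad (assumption); self-inverse.
    return xor(data, prf(ik, b"ENC", who))

def pair(pin_a, pin_b, addr_a, addr_b):
    """Slides 10 and 12 for both devices. Returns (lk_a, lk_b, air); the link
    keys are None if the PINs differ. `air` holds every value sent by radio."""
    rnd, ch1 = os.urandom(16), os.urandom(16)             # A -> B, in the clear
    ik_a, ik_b = init_key(pin_a, addr_b, rnd), init_key(pin_b, addr_b, rnd)
    air = {"RND": rnd, "CH1": ch1, "RESP1": response(ik_b, ch1, addr_b)}
    if not hmac.compare_digest(air["RESP1"], response(ik_a, ch1, addr_b)):
        return None, None, air                            # A rejects B
    lk_ka = prf(os.urandom(16), b"LK", addr_a)            # randA, a(A) -> LK_Ka
    lk_kb = prf(os.urandom(16), b"LK", addr_b)            # randB, a(B) -> LK_Kb
    air["E_IK{LK_Ka}"] = e_ik(ik_a, b"A", lk_ka)          # A -> B
    air["E_IK{LK_Kb}"] = e_ik(ik_b, b"B", lk_kb)          # B -> A
    # Assumption: the two contributions are combined with XOR.
    lk_a = xor(lk_ka, e_ik(ik_a, b"B", air["E_IK{LK_Kb}"]))
    lk_b = xor(e_ik(ik_b, b"A", air["E_IK{LK_Ka}"]), lk_kb)
    return lk_a, lk_b, air

def rederive_link_key(pin: bytes, addr_b: bytes, air: dict) -> bytes:
    """Recompute the link key from the PIN plus recorded traffic: the PIN is
    the only input to the whole chain that never crosses the air (slide 13)."""
    ik = init_key(pin, addr_b, air["RND"])
    return xor(e_ik(ik, b"A", air["E_IK{LK_Ka}"]), e_ik(ik, b"B", air["E_IK{LK_Kb}"]))

if __name__ == "__main__":
    A, B = bytes.fromhex("000000000a01"), bytes.fromhex("000000000b02")  # constructed
    lk_a, lk_b, air = pair(b"1234", b"1234", A, B)
    print("keys match:", lk_a == lk_b)
    print("PIN + traffic gives link key:", rederive_link_key(b"1234", B, air) == lk_a)
    print("wrong PIN rejected:", pair(b"1234", b"9999", A, B)[0] is None)
```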
