1 / 17

How secure is

How secure is. Darren Adams, Kyle Coble, and Lakshmi Kasoji. Bluetooth has become very popular because: Power efficiency Low costs Short range radio frequency wireless device Bluetooth is a Personal Area Network (PAN) wireless device and can be used for: Portable laptops

nevada-kirby
Download Presentation

How secure is

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How secure is Darren Adams,Kyle Coble, andLakshmi Kasoji

  2. Bluetooth has become very popular because: Power efficiency Low costs Short range radio frequency wireless device Bluetooth is a Personal Area Network (PAN) wireless device and can be used for: Portable laptops Printers Keyboards Headsets Cell phones GPS devices Ipod’s PDA’s Automobile equipment Introduction to Bluetooth 2

  3. Introduction to Bluetooth History: Bluetooth name came from Denmark. Originally created by Jaap Haartsen and Sven Mattisson working for Ericsson in 1994. Further developed by Special Interest Group (SIG) including: • Ericsson • IBM • Nokia • Intel • Toshiba In 1999, other companies added support including 3Com Corporation, Lucent Technologies, Microsoft and Motorola 3

  4. Introduction to Bluetooth Bluetooth features… • Frequency ~ 2.5GHz. Communication is point to point or one point to several connections. Used globally without a license. • 10 to 100 meter transmit distances at 1Mbps. • Uses ad-hoc network, also called piconet. In a piconet, one device acts as master and other devices as slaves. Maximum of seven slaves • Low and high level of power depending on room size • Synchronous and asynchronous communication channels wikipedia 4

  5. Bluetooth Devices Google Images 5

  6. Significant target due to popularity Newer technology means bugs and vulnerabilities Numerous types of devices means different problems for each Bluetooth: Security Risks 6

  7. PCs and Bluetooth • Ad-Hoc network in meeting • Some hubs have no router-like security (simple relay)‏ • Class 1 Bluetooth devices can extend 300 feet • Problems with fixed passkey • Short key means easy to guess • Separate keys for different types of access is recommended but rarely used (Linux)‏ • Initial key exchange is unencrypted • Hacker could extrapolate key (similar to cracking WEP encryption) 7

  8. Bluetooth Passwords • Using one passkey for all connections • Instead of unique keys to each pairing, all devices (Laptop, PDA, Cell Phone, Printer, Headset, etc.) use same passkey • Hacker accesses one trusted device, all devices are now vulnerable • MAC address problems • Can identify MAC address and monitor traffic on device (class example of 2 companies merging)‏ • MAC unencrypted regardless of other encryption • Standard Linux commands can be used # hcitool scan Scanning ... 00:0A:D9:15:0B:1C T610-phone 8

  9. Cracking Bluetooth • RedFang • Scans MACs one at a time • Odds of finding are low • Average 3-10sec / address • Sony Ericsson alone has 16,777,216 possible • = 1,000+ days • Devices available to analyze Bluetooth data • Cost prohibitive ($9500.00)‏ 9

  10. Cracking Bluetooth Cont. • Uses frequency hopping to deter, sequence is only pseudo-random • 1600 hops/second • Possibly find hop sequence and collect data • Owner forgets to disable device discovery • Unable to change MAC • Phone always allows connection attempt without prompting user • One device must enter discoverable mode to make connection 10

  11. Device ID Weakness • 2 devices attempting to link are identified by name • Equipment not identified by unique MAC address • Leaves door open to exploit people (social engineering)‏ • Paris Hilton cell phone incident 11

  12. Current & Future Solutions • Simple password • Between 1 and 16 numbers (128bit)‏ • Some devices have hard-coded passwords • Basic encryption method, no variance • What else?! Bluetooth Wifi 12

  13. Current & Future Solutions • Security Mode 1 • Device does not initiate special security mechanism but responds to authentication requests • No Encryption • Security Mode 2 • Use of security mechanisms determined by trust status. Security is performed after authentication requests from other devices • Broadcast traffic is unencrypted • Security Mode 3 • Authentication is necessary for connection establishment • All traffic is encrypted. 13

  14. Current & Future Solutions • Simple current solutions • Lower the transmission power • Set to un-discoverable • Pairing in an inception-proof environment • Use complex keys 14

  15. Current & Future Solutions • Example : ActerBlue • Designed to make mobile e-commerce secure via Bluetooth • Done through onboard biometric ID system • Passwords are removed – instead, fingerprint images are processed/stored on the card 15

  16. Current & Future Solutions • Hardware access point? • Allows owner to create up to 8 users with unique passwords. • Connects by standard ethernet • More secure than standard Bluetooth? Belkin F8T030 16

  17. References: • http://books.google.com/books?id=-fUR0OGZ7bQC&pg=PA58&lpg=PA58&dq=bluetooth+combination+key&source=web&ots=RwkD5ANJcH&sig=FAheS6Y29uE3EUqLZRMgS3i5v5I • http://www.securityfocus.com/infocus/1830 • http://www.bluetooth-headset.co.uk/images/jabra%20jx10%20hub.bmp • http://windowsecurity.com/articles/Bluetooth-Security-Threat.html • http://www.cyberindian.net/wp-content/uploads/sony-ericsson-k790i-mobile-phones.jpg • http://www.askdavetaylor.com/sync_motorola_razr_v3c_with_windows_xp_via_bluetooth.html 17

More Related