bluetooth technology
DESCRIPTION
2.4 GHz Open band Globally available Other devices include microwave ovens, cordless phones Frequency hopping and Time Division Multiplexing 10 – 100 meter range Up to 8 active devices can be in the same piconetTRANSCRIPT
BYAJAL.A.J
ASSISTANT PROFESSORMETS SCHOOL OF ENGINEERING , MALA
BLUETOOTH SECURITY USING KEY - GENERATING ENCRYPTION ALGOTITHM
Sources for talk
• Palm Source Presentation by Peter Easton205 Bluetooth and Palm OS®http://www.palmsource.com/slides/Track%20200/205.pdf
• Palm’s Bluetooth Wireless Technology Pagehttp://www.palmos.com/dev/tech/bluetooth/
• Palm’s Bluetooth Whitepaperhttp://www.palmos.com/dev/tech/bluetooth/palm_bluetooth_whitepaper.pdf
• AnywhereYouGo.comhttp://www.anywhereyougo.com/
ABSTRACT
• Bluetooth is a way of connecting machines to each other without cables or any other physical medium.
• It uses radio waves to transfer information, so it is very susceptible to attacks.
• This paper first gives some background information about
Bluetooth system and security issues in ad hoc networks, then it concentrates on specific security measures in Bluetooth, mainly authentication, encryption, key management and ad hoc aspects.
• Then it points out flaws and possible security holes in the Bluetooth Security Specification
Origin of the name and the logo
• Bluetooth was named after a late tenth century king, Harald Bluetooth, King of Denmark and Norway. He is known for his unification of previously warring tribes from Denmark (including now Swedish Scania, where the Bluetooth technology was invented), and Norway. Bluetooth likewise was intended to unify different technologies, such as personal computers and mobile phones.The name may have been inspired less by the historical Harald than the loose interpretation of him in The Long Ships by Frans Gunnar Bengtsson, a Swedish Viking-inspired novel.
• The Bluetooth logo merges the Germanic runes analogous to the modern Latin letter H and B: (for Harald Bluetooth)
(Hagall) and (Berkanan)• merged together, forming a bind rune.
What is Bluetooth?
• Open wireless communication standard– www.bluetooth.com
• Focused on mobile wireless links– Small, low cost, low power consumption
• Allows small ad hoc wireless networks– Piconet
• 1 master and up to 7 active slaves
– Scatternet• Communication between Piconets
What is Bluetooth?
• 2.4 GHz Open band– Globally available– Other devices include microwave ovens, cordless
phones– Frequency hopping and Time Division Multiplexing
• 10 – 100 meter range – Up to 8 active devices can be in the same piconet
Related Standards
• IrDA: Infrared Data Association– Infrared “beaming”
– Short distances (~1 meters)
– Point-to-point, line-of-sight communication
• 802.11B and Home RF– Higher bandwidth
– Don’t support voice
– More expensive
– Require more power
Bluetooth versionsBluetooth versions
Bluetooth 1.0 and 1.0B Versions 1.0 and 1.0B had many problems
Manufacturers had difficulty making their products interoperable.
Bluetooth 1.1 Many errors found in the 1.0B specifications were fixed. Added support for non-encrypted channels. Received Signal Strength Indicator (RSSI).
Bluetooth 1.2 Faster Connection and Discovery Use the Adaptive frequency-hopping spread spectrum (AFH)
improves resistance to radio frequency interference Higher transmission speeds in practice, up to 721 kbps
Bluetooth 2.0 This version, specified November 2004 The main enhancement is the introduction of an enhanced data rate (EDR) of 3.0
Mbps. Lower power consumption through a reduced duty cycle. Simplification of multi-link scenarios due to more available bandwidth.
Bluetooth 2.1 A draft version of the Bluetooth Core Specification Version 2.1 + EDR is now available
Bluetooth System Components
• Link Manager:
- Link Layer messages for setup and link control
Base band :
- base band protocols and low level link routines• Radio unit :
– actual radio transceiver which enables the wireless link between Bluetooth devices
Overview of Bluetooth hardware
Bluetooth Security
1. non-secure– device does not initiate any kind of security procedure
2. service-level security– more flexibility in application access policies is allowed
3. link level security– device sets up security procedures before the link set-
up is completed. – Link level security provides applications with
knowledge of "who" is at the other end of the link and provide authentication, authorization, and encryption services
Typical Bluetooth Operation
• Discover single or multiple devices
• Create an link to the device
• Create a socket– SDP: Service Discovery Protocol– Used by Virtual Serial Driver– Data Connection
• Pass Data
• Close Socket, close link
Key Management
Key generating algorithm E22 for master and initialization keys
Encryption process
Encryption key generation
Bluetooth Encryption
E0
BD_ADDRA
clockA
KC’
Kcipher
Kcipher
Kcipher
dataA-B
dataB-A
E0
BD_ADDRA
clockA
K’C’
K’cipher
K’cipher
K’cipher
dataA-B
dataB-A
data
A B
Authentication
Problems in the Security of Bluetooth
• Radio jamming attacks
• Buffer overflow attacks
• Blocking of other devices
• Battery exhaustion
• Man in the middle attacks
• Sometimes: default = no security
• possible to track devices (and users)
Recommendations
• Never use unit keys!!!!
• Use long and sufficiently random PINs
• Always make sure security is turned ‘on’
Bluetooth™ Wireless Technology Application Areas
• Pure computing applications– Presentations– Card Scanning– Synchronizing Data– Remote Synchronization– Printing– Scanners
• Ubiquous Applications– Communicator platforms– Electronic Books– Travel– Home Entertainment
• System Applications– In-vehicle systems
– Payment Systems
– Behavior Enforcement
– Collaboration
– Mobile E-commerce
802.15 Wireless Personal Area 802.15 Wireless Personal Area Network(WPAN) Working GroupNetwork(WPAN) Working Group
Working Groups summary
802.15
802.15.1 802.15.2
802.15.4b802.15.3a 802.15.3b
802.15.4802.15.3
802.15.1 : WPAN/Bluetooth 802.15.2 : Coexistence Group 802.15.3 : High Rate(HR) WPAN Group
802.15.3a : UWB 802.15.3b : MAC Amendment Task Group
802.15.4 : Low Rate(LW) WPAN Group(Zigbee) 802.15.4a : WPAN Low Rate Alternative PHY 802.15.4b : Revisions and Enhancements
UWB Forum
802.15.4a
Ultra Wide Band (UWB)Ultra Wide Band (UWB)
What is the UWB? Transmitting information spread over a large bandwidth (>500
MHz) Provide an efficient use of scarce radio bandwidth
High data rate in WPAN connectivity and longer-range A February 14, 2002
Report and Order by the FCC authorizes the unlicensed use of UWB November of 2005.
ITU-R have resulted in a Report and Recommendation on UWB Expected to act on national regulations for UWB very soon.
The advantage of the UWB Take advantage of inverse relationship between distance and
throughput Huge bandwidth : very high throughput Low power consumption Convenience and flexibility No interference
Ultra Wide Band(UWB)(2/2)Ultra Wide Band(UWB)(2/2)
Wireless technology
Power mW Rage meter BW/channel Rate bps
CDMA 1xEVDO
600 ~2000 1.25 MHz 2.4M
802.16(WiMAX)
250 ~4000 25MHz 120M
802.11g(WiFi)
50 ~100 25MHz 54M
Bluetooth 1 ~10 1MHz <1M
UWB <30 10~30 500MHz 100M~1G
Current wireless Comparison
Key application Wireless USB Toys and game Consumer electronics Location tracking Handset
802.16 Broadband Wireless Access(BWA) 802.16 Broadband Wireless Access(BWA) Working Group(1/2)Working Group(1/2)
IEEE 802.16 Be was established by IEEE Standards Board in 1999, aims
to prepare formal specifications for the global deployment of broadband Wireless Metropolitan Area Network.
A unit of the IEEE 802 LAN/MAN Standards Committee. A related technology Mobile Broadband Wireless
Access(MBWA)
Fixed(Stationary)
Pedestrian(Nomadic)
Mobile(Vehicular)
2G/2.5GCellular
0.1 1.0 10 100Peak Data Rate per User (Mbits/second)
Mob
ilit
y
802.16e
802.16a(WiMAX)
WWAN(IMT-2000)
cdma2000® 1xEV-DO,cdma2000® 1xEV-DV
3.1
WCDMA HSDPA
802.15.1(Bluetooth)
802.11(WLAN)
802.15.3a(UWB)
802.16 Broadband Wireless Access(BWA) 802.16 Broadband Wireless Access(BWA) Working Group(2/2)Working Group(2/2)
Working Groups summary
802.16
802.15.g 802.15.h 802.15.k802.15.j802.16.f 802.15.m802.15.i
802.16f : Management Information Base 802.16g : Management Plane Procedures and Services 802.16h : Improved Coexistence Mechanisms for License-Exempt
Operation 802.16i : Mobile Management Information Base 802.16j : Multihop Relay Specification 802.16k : Bridging of 802.16 802.16m : Advanced Air Interface. Data rates of 100 Mbps for mobile
applications and 1 Gbps for fixed applications.
“Last Mile” Access Alternatives
Blue-toothBlue-tooth
Broadband Capable Terrestrial Wireless Broadband Capable Terrestrial Wireless NetworksNetworks
UWB802.1
5
UWB802.1
5
PersonalArea
Networks(PANs)
Range50 feet 500 feet 10’s miles
MetropolitanArea
Networks(MANs)
WLAN802.1
1
WLAN802.1
1
LocalArea
Networks(LANs)
WideArea
Networks(WANs)
Cellular2.5 G,
3G
Cellular2.5 G,
3G
Edge, CDMA2000,1xEV-DO, UMTS
MMDS
LMDS
WMAN(802.16d)
WMAN(802.16e)
Mobile WiMAX
Final Thoughts
• A single-chip solution is the ultimate goal – Around $5/chip – Several players have begun developing implementations• Success of device depends on – The supplier’s ability to deliver implementation at a low
price point – Application development that is easily integrated with today’s infrastructure – Ability of Bluetooth to meet market’s expectations
REFERENCES• [1]Amoroso E., Fundamentals of Computer Security Technology, Prentice Hall,
2004.
• [2]Asokan N. & Ginzboorg P., Key Agreement in Ad-Hoc Networks, Prentice Hall, 2002
• [3]Bluetooth, The Bluetooth Specification, v.1.0B < http://www.bluetooth.com/developer/specification/specification.asp >
• [4]Zhou L. & Haas Z., Securing Ad Hoc Networks < http://www.ee.cornell.edu/~haas/Publications/network99.ps >
• [5]Gollmann D., Computer Security, John Wiley & Sons Inc., 2003.
• [6]Müller T., Bluetooth Security Architecture, 1999< http://www.bluetooth.com/developer/download/download.asp?doc=174 >