BLUETOOTH SECURITY (Bluetooth Security)

Updated: 2023-05-07 16:47:35

Preliminary study:
BLUETOOTH SECURITY
Sil Janssens
Sil.Janssens@vub.ac.be
January 9, 2005
Last updated 22/11/2004

Date         Comment
22/11/2004   Additions and corrections after remarks of Robert Maier and Dave Singelee
09/11/2004   Additions and corrections
04/11/2004   Adaptations after remarks of Philip Cara
27/10/2004   Adaptations after remarks of Dave Singelee
18/10/2004   Corrections
17/10/2004   Corrections and additions
16/10/2004   Corrections and additions
14/10/2004   Corrections and additions
10/10/2004   Corrections and additions
06/10/2004   First draft
Table 1: Version History
Contents
1 Introduction
  1.1 Purpose and scope
  1.2 Definitions, acronyms and abbreviations
  1.3 References
2 Bluetooth overview
  2.1 Bluetooth specifications
3 Overall security description
4 Bluetooth security overview
  4.1 Security Mode 1: Non-secure mode
  4.2 Security Mode 2: Service-level enforced security mode
  4.3 Security Mode 3: Link-level enforced security mode
  4.4 Bluetooth key generation from PIN
  4.5 Bluetooth authentication
  4.6 Bluetooth encryption process
  4.7 Problems with the Bluetooth standard security
5 Bluetooth security attacks
  5.1 Impersonation attack by inserting/replacing data
  5.2 Bluejacking
  5.3 Bluetooth wardriving
  5.4 Nokia 6310i Bluetooth OBEX message DoS
  5.5 Brute-force attack
  5.6 Denial-of-service attack on the device
  5.7 Disclosure of keys
  5.8 Unit key attacks
  5.9 Backdoor attack
  5.10 Pairing attack
  5.11 BlueStumbling = BlueSnarfing
  5.12 BlueBug attack
  5.13 PSM scanning
  5.14 Off-line PIN (via Kinit) recovery
  5.15 On-line PIN cracking
  5.16 Off-line encryption key (via Kc)
  5.17 Attack on the Bluetooth key stream generator
  5.18 Reflection attack
  5.19 Replay attacks
  5.20 Man-in-the-middle attack
  5.21 Denial-of-service attack on the Bluetooth network
  5.22 A man-in-the-middle attack using Bluetooth in a WLAN interworking environment
  5.23 Impersonate original sending/receiving unit
  5.24 Correlation attacks
1 Introduction
Bluetooth wireless technology is a short-range radio technology designed to fulfill the particular needs of wireless interconnections between different personal devices, which are very popular in today's society. The development of Bluetooth started in the mid-1990s, when a project within Ericsson Mobile Communications required a way to connect a keyboard to a computer device without a cable. The wireless link turned out to be useful for many other things, and it was developed into a more generic tool for connecting devices. A synchronous mode for voice traffic was added and support for up to seven slaves was introduced. In order to gain momentum for the technology and to promote acceptance, the Bluetooth Special Interest Group (SIG) was founded in 1998. The group consists of many companies from various fields. By joining forces, the SIG members have evolved the radio link into what is now known as Bluetooth wireless technology.
1.1 Purpose and scope
The purpose of this document is to provide an introduction to the security aspects of Bluetooth and to the existing attacks on the security of Bluetooth.
1.2 Definitions, acronyms and abbreviations
• ACL: Asynchronous connection-oriented (logical transport).
• ACO: Authenticated ciphering offset. A parameter binding devices to a particular authentication event.
• AES: Advanced Encryption Standard.
• AG: Audio gateway. A mobile phone or other device that plays audio out loud (connected to a headset).
• BB: Baseband. This is the lowest layer of the Bluetooth specification.
• BD_ADDR: Bluetooth device address. The unique 48-bit IEEE address of a Bluetooth device (see LAP).
• CRC: Cyclic redundancy check. A checksum added to the payload by the sender that the receiver can use to detect transmission errors.
• DAC: Device access code. A code derived from a specific slave device (from the LAP of its BD_ADDR) in a Bluetooth connection.
• DH: Diffie-Hellman. The name of the first published public-key exchange scheme.
• DoS: Denial of service. An incident in which a user or organization is deprived of the services of a resource they would normally expect to have.
• DSP: Digital signal processor. A processor specialised for real-time processing of digitised signals, for example editing sounds to produce different sound effects.
• DT: Data terminal.
• E0: Bluetooth ciphering algorithm, built around four independent linear feedback shift registers and a finite state machine as the combining circuitry. The finite state machine is needed to introduce sufficient nonlinearity to make it difficult to recompute the initial state from observed key stream data.
• E1: Bluetooth authentication function, built around SAFER+. E1 is a Message Authentication Code (MAC) algorithm.
• E21: Bluetooth unit key algorithm, used for unit key derivation, built around a slightly modified SAFER+ algorithm. Because of this modification, E21 cannot be used directly as an invertible encryption algorithm.
• E22: Bluetooth initial key algorithm. Used for initial key derivation and also built around a slightly modified SAFER+ algorithm. E21 and E22 are very similar, which simplifies the implementation.
• E3: Bluetooth encryption key generation algorithm; it derives the encryption key that E0 is keyed with.
• EAP: Extensible authentication protocol. An authentication protocol standardized by the IETF.
• EAPOL: EAP encapsulation over LANs.
• ECDH: Elliptic-curve Diffie-Hellman.
• eSCO: Enhanced synchronous connection-oriented. A logical channel for transport of prioritized synchronous user data.
• FEC: Forward error correction. Another term for an error-correcting code.
• FH: Frequency hopping. Sending transmissions over different carrier frequencies at different times.
• FHS: Frequency hop synchronization.
• FHSS: Frequency Hopping Spread Spectrum. The FHSS carrier hops in a predetermined, pseudo-random pattern over a pool of 79 sub-channels of 1 MHz each, defined across the entire band, changing frequency about 1600 times per second. Each channel is used for 625 microseconds, followed by a hop in pseudo-random order to another channel. Bluetooth uses FHSS to mitigate interference with the numerous other technologies that also operate in the 2.4 GHz-2.4835 GHz ISM frequency band.
• GAP: Generic access profile. A Bluetooth profile that determines common connection handling functions for all other Bluetooth profiles.
• GSM: Global System for Mobile Communications.
• HC: Host controller.
• HCI: Host controller interface.
• HS: Headset.
• IAC: Inquiry access code.
• ICC: Integrated circuit card.
• ID: Identifier.
• IEEE: Institute of Electrical and Electronics Engineers. A nonprofit technical professional association for engineers in this area.
• IETF: Internet Engineering Task Force.
• IIR: Infinite impulse response.
• IKE: Internet key exchange. An IETF protocol used to authenticate IP connections and to exchange IPsec keys.
• IP: Internet protocol.
• IPSEC: IP security protocol. An IETF security protocol used to protect IP packets.
• ISM: Industrial, scientific, and medical. A part of the radio spectrum reserved for these kinds of applications.
• L2CAP: Logical link control and adaptation protocol.
• LAN: Local area network.
• LAP: Lower address part. Bits 0 to 23 of the unique 48-bit IEEE device address BD_ADDR.
• LT_ADDR: Logical transport address. A logical 3-bit address assigned to each slave in a piconet.
• MAC: Message authentication code. E1 is a MAC algorithm.
• MANA: Manual authentication.
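To make the CRC, BD_ADDR and LAP entries above concrete, here is a small Python example added by the editor; it is not part of the original report. It splits a BD_ADDR into its NAP, UAP and LAP fields and computes a CRC-16 with the CRC-CCITT polynomial x^16 + x^12 + x^5 + 1, presetting the register with the master's UAP as the Bluetooth baseband does. The address 00:11:22:33:44:55 and the payloads are constructed sample inputs, and the bit ordering is the conventional MSB-first form rather than the baseband's on-air LSB-first ordering, so the seeded value is illustrative rather than wire-exact. The security point the glossary only hints at: a CRC detects random transmission errors, but unlike the MAC computed by E1 it gives no protection against an attacker who rewrites the payload and recomputes the check, because nothing secret goes into it.

```python
# Added example: Bluetooth device-address fields and a UAP-seeded CRC-16.
# Not taken from the report; the address and payloads below are constructed.

CRC_CCITT_POLY = 0x1021  # x^16 + x^12 + x^5 + 1, the polynomial of the baseband CRC


def parse_bd_addr(text: str) -> dict:
    """Split a BD_ADDR written as 'NN:NN:UU:LL:LL:LL' into NAP, UAP and LAP.

    NAP = bits 47..32 (16 bits), UAP = bits 31..24 (8 bits),
    LAP = bits 23..0 (24 bits), the 'lower address part' of the glossary.
    """
    octets = text.split(":")
    if len(octets) != 6 or any(len(o) != 2 for o in octets):
        raise ValueError("BD_ADDR must be six two-digit hex octets separated by ':'")
    value = int("".join(octets), 16)
    return {
        "nap": value >> 32,
        "uap": (value >> 24) & 0xFF,
        "lap": value & 0xFFFFFF,
    }


def crc16_ccitt(data: bytes, init: int) -> int:
    """MSB-first CRC-16 over data with polynomial 0x1021 and register preset init.

    init=0xFFFF gives CRC-16/CCITT-FALSE, init=0x0000 gives CRC-16/XMODEM.
    """
    crc = init & 0xFFFF
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            if crc & 0x8000:
                crc = ((crc << 1) ^ CRC_CCITT_POLY) & 0xFFFF
            else:
                crc = (crc << 1) & 0xFFFF
    return crc


def baseband_crc(payload: bytes, master_uap: int) -> int:
    """CRC over a baseband payload, register preset with the master's UAP.

    ASSUMPTION: the real baseband shifts bits LSB first on air; this uses the
    conventional MSB-first form, so the value is illustrative, not wire-exact.
    """
    return crc16_ccitt(payload, master_uap)


def crc_matches(payload: bytes, received_crc: int, master_uap: int) -> bool:
    """What a receiver does: recompute and compare. No secret is involved."""
    return baseband_crc(payload, master_uap) == received_crc


def demo() -> tuple:
    """Show that the CRC catches a noise-induced bit flip but not a forgery."""
    master = parse_bd_addr("00:11:22:33:44:55")  # constructed master address
    payload = b"HELLO HEADSET"                   # constructed payload
    crc = baseband_crc(payload, master["uap"])

    # Channel noise: one bit of the first byte flips. A CRC whose polynomial has
    # a nonzero constant term detects every single-bit error, so this is rejected.
    corrupted = bytes([payload[0] ^ 0x01]) + payload[1:]
    noise_detected = not crc_matches(corrupted, crc, master["uap"])

    # Active attacker: the UAP is public (the master's BD_ADDR is sent in FHS
    # packets), so the attacker rewrites the payload and recomputes the CRC.
    forged = b"HELLO ATTACKER"
    forgery_accepted = crc_matches(forged, baseband_crc(forged, master["uap"]), master["uap"])

    return noise_detected, forgery_accepted


if __name__ == "__main__":
    print(parse_bd_addr("00:11:22:33:44:55"))
    print(hex(crc16_ccitt(b"123456789", 0xFFFF)))  # 0x29b1, the CCITT-FALSE check value
    print(demo())  # (True, True)
```

The two standard check values (0x29B1 for CRC-16/CCITT-FALSE with preset 0xFFFF, 0x31C3 for CRC-16/XMODEM with preset 0) confirm the routine against published test vectors; demo() returns (True, True), i.e. the bit flip is caught and the forgery is accepted, which is exactly why the baseband relies on E1 and E0 rather than the CRC for authentication and confidentiality.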
