Bluetooth Security
Laura Lewis
University of Tulsa
Tulsa, Oklahoma
Introduction
• The idea originated at Ericsson in 1994.
• Developed as a cable replacement for connecting cell phones with accessories.
• In 1998 Ericsson, IBM, Intel, Nokia and Toshiba joined together as a special interest group (SIG) to create an open standard.
Timeline
History
• Bluetooth was named after a 10th-century (c. 940 AD) Danish Viking king, Harald Blatand, whose name translates to "blue tooth".
• A historian on the team proposed this name as the code name for their project and it stuck.
• The Bluetooth logo consists of the Nordic runes for his initials, H and B.
Technical Specs
• Operates in the license-free industrial, scientific, and medical (ISM) band from 2.400 GHz to 2.4835 GHz.
Technical Specs
• Uses frequency hopping across 79 channels of 1 MHz to reduce interference from other users of the band (Wi-Fi, microwave ovens, neighbouring piconets).
• Hops 1600 times a second during data/voice links.
• Hops 3200 times a second during inquiry and page scanning.
3 Classes (by maximum transmit power):
• Class 1: 100 mW, range of about 100 meters
-USB dongles and access points
• Class 2: 2.5 mW, range of about 10 meters
-Battery-powered devices like mobile phones
• Class 3: 1 mW, range of about 1 meter
-Small battery-powered devices like Bluetooth adapters
Connections
• Up to 8 devices can be active at once.
• There is always one master; the rest are slaves (up to 7 active, further devices can be parked).
• A full network is called a piconet.
Protocols
• SDP - Service Discovery Protocol
• LMP - Link Manager Protocol
• L2CAP - Logical Link Control and Adaptation Protocol
• RFCOMM - Radio Frequency Communication (serial port emulation)
• OBEX - Object Exchange
Service Discovery Protocol
• Bluetooth exists in a dynamic environment.
• Devices are constantly moving in and out of range.
• SDP lets a device ask a peer in range which services it offers and how to reach them (protocol and channel), so clients can find what is currently available.
Link Manager Protocol
• Every Bluetooth device has a Link Manager that sets up and maintains links and keeps track of connected devices.
• New connections are created by first using an inquiry routine (discovering nearby devices), followed by a page command (calling a device with a known address).
• The page must be answered correctly before the link is established.
• When pairing, the user enters a PIN on each device. The PIN itself is never sent over the air; both sides use it to derive an initialization key, from which the link key is established.
• The opposing device (identified by its BD_ADDR) and its link key are then stored in a "trusted devices" directory.
L2CAP
• Logical Link Control and Adaptation Protocol.
• Provides connection-oriented and
connectionless data services.
• Makes use of ACL (asynchronous
connectionless) packets.
• Used by upper-layer protocols like SDP, RFCOMM and TCS.
RFCOMM
• Radio Frequency Communication: emulates an RS-232 serial port so that legacy serial applications run over Bluetooth.
• Makes use of the L2CAP protocol.
OBEX
• Object Exchange Protocol; runs over RFCOMM.
• Provides services for the exchange of binary data objects (vCards, calendar entries, files).
• Optional OBEX authentication is possible.
• Has a limited set of commands like GET and PUT.
• Similar to HTTP.
Separation of Duties
• Duties are separated between the host and the host controller, which talk to each other over the Host Controller Interface (HCI).
• The host is a computing device like a laptop.
-Responsible for L2CAP and SDP (and everything above them).
• The host controller is an integrated or external Bluetooth dongle.
-Responsible for the radio, the baseband and LMP.
• Bluetooth headsets are a prime example of integrating the two into a single device.
Security Modes
Security Mode 1:
• Non-secure: authentication and encryption are bypassed.
• Devices in this mode are "promiscuous": they accept any connection without checks.
Security Modes
Security Mode 2:
• A security manager controls access to
services/devices.
• Security policies and trust levels can be
specified based on the situation.
• Authorization introduced (if specific device is
allowed specific service).
• Authentication and encryption implemented
at LMP level, below L2CAP.
Security Modes
Security Mode 3:
• Link level enforced security.
• Bluetooth devices initiate security procedure
before physical link is finished establishing.
• Mandated authentication and encryption of all
connections to and from the devices.
• Authentication and encryption are based on the secret link key shared once pairing is established.
Security Modes
Security Mode 4:
• Service level enforced security.
• Mandatory for communication between v2.1 + EDR (and later) devices; the older modes remain only for talking to legacy devices.
• Secure Simple Pairing (SSP) uses ECDH for key exchange and link key generation, so a passive eavesdropper on the pairing cannot recover the link key the way it can from a PIN-based exchange.
• SSP association models: Numeric Comparison, Passkey Entry, Out of Band, and Just Works (which gives no protection against a man in the middle).
• Similar to Mode 2.
Link Level Security
Parameters
There are 4 entities used to set up and maintain security at the link level:
• The Bluetooth device address (BD_ADDR), a 48-bit address that is unique for each Bluetooth device and is defined and allocated by the IEEE.
• Private link key, a 128-bit random number used for authentication purposes.
• Private encryption key, 8-128 bits in length, used for encryption.
• A random number (RAND), a frequently changing 128-bit random or pseudo-random number generated by the Bluetooth device itself.
Key Management
There are several kinds of keys in the Bluetooth
system to ensure secure transmission.
• The most important key of these is the link key,
which is used between two BT devices for
authentication purposes.
• Using the link key, an encryption key can be
derived. -This secures the data of the packet and
is regenerated for all new transmissions.
• Finally, the PIN code can be used to help identify
devices to each other.
Link Keys
There are four types of link keys possible. All link keys are 128-bit random numbers and are either temporary or semi-permanent.
• Unit key, KA, is derived at installation of the Bluetooth device from unit A alone and is reused with every peer, so any device that has ever paired with A can impersonate it (deprecated since v1.2).
• Combination key, KAB, is derived from two units A and B. A fresh key is generated for each pair of devices and is used when more security is needed.
• The master key, Kmaster, is used when the master device wants to transmit to several devices at once. It overrides the current link key for one session only.
• The initialization key, Kinit, is used in the initialization process. It protects initialization parameters when they are transmitted.
Encryption Key
• Encryption key is derived from the current
link key. Each time encryption is needed the
encryption key will be automatically changed.
• The reason for separating the authentication
key and encryption key is to facilitate the use
of a shorter encryption key without weakening
the strength of the authentication procedure.
PIN Code
• A user-selected or fixed number, normally 4 digits in length, but it can be anything from 1 to 16 octets. The user can change it whenever they want, which adds security to the system.
• The PIN can be used by entering it into only one device (the other side has a fixed PIN), but it is safer to enter it on both units.
• A short PIN is the weak point of legacy pairing: the pairing exchange is visible to a sniffer and every value in it is derived from the PIN, so a 4-digit PIN can be searched offline (see NIST SP 800-121 in the sources).
Key Generation
• The exchange of keys takes place during an initialization phase, which has to be carried out separately for each pair of units. It consists of the following steps:
-Generation of an initialization key (from the PIN, a BD_ADDR and a random number sent in the clear)
-Generation of a link key
-Link key exchange
-Authentication (mutual, using the new link key)
-Generation of an encryption key in each unit
• After this procedure the link is either established or aborted.
Device Authentication
• The Bluetooth authentication scheme is
essentially a challenge-response strategy, where a
2-move protocol is used to check whether the
other party knows a shared identical secret key (a
symmetric key).
• The protocol checks that both devices have the
same key, and if they do authentication is
successful.
• Also, an ACO value (Authenticated Ciphering Offset) is generated as a by-product and stored in both devices. This value is used to generate the encryption key later on.
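The PIN, key-generation and device-authentication steps above, run end to end as an added example (not code from the original slides or from the Bluetooth SIG). The real E22, E21, E1 and E3 functions are built on the SAFER+ block cipher; this script substitutes HMAC-SHA256 truncated to 128 bits so the message flow and key dependencies can be executed, which means the bytes are not compatible with a real controller. It also simplifies the spec's PIN-augmentation rule by feeding the responder's BD_ADDR straight into Kinit. The device addresses, PINs and the function names (`legacy_pairing`, `offline_pin_search`) are assumptions made for the example. It goes one step beyond the slides by showing what an eavesdropper who captured the exchange can do with a 4-digit PIN.

```python
"""Legacy (pre-v2.1, PIN-based) Bluetooth pairing end to end: initialization key,
combination link key, challenge-response authentication with its ACO by-product,
encryption key derivation, and an eavesdropper's offline search of a 4-digit PIN.

ADDED EXAMPLE, not Bluetooth SIG code.  The real E22/E21/E1/E3 are built on the
SAFER+ block cipher; HMAC-SHA256 truncated to 128 bits STANDS IN for them here, so
the flow and key dependencies are faithful but the bytes are not bit-compatible
with a real controller.  Simplification: Kinit takes the responder's BD_ADDR
directly instead of applying the spec's PIN-augmentation rule.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

def prf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """128-bit keyed function standing in for the SAFER+-based E2x/E3."""
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()[:16]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def e22(pin: bytes, bd_addr: bytes, in_rand: bytes) -> bytes:
    """Initialization key Kinit = E22(PIN, BD_ADDR, IN_RAND)."""
    return prf(pin, b"E22", bd_addr, in_rand)

def e21(lk_rand: bytes, bd_addr: bytes) -> bytes:
    """One unit's share LK_K = E21(LK_RAND, BD_ADDR) of a combination key."""
    return prf(lk_rand, b"E21", bd_addr)

def e1(link_key: bytes, claimant_addr: bytes, au_rand: bytes) -> Tuple[bytes, bytes]:
    """Authentication: (SRES, ACO) = E1(link_key, AU_RAND, BD_ADDR of claimant)."""
    out = hmac.new(link_key, b"E1" + claimant_addr + au_rand, hashlib.sha256).digest()
    return out[:4], out[4:16]          # SRES is 32 bits, ACO is 96 bits

def e3(link_key: bytes, en_rand: bytes, aco: bytes) -> bytes:
    """Encryption key Kc = E3(link_key, EN_RAND, ACO)."""
    return prf(link_key, b"E3", en_rand, aco)

def legacy_pairing(pin_a: bytes, pin_b: bytes, addr_a: bytes, addr_b: bytes,
                   rng=os.urandom) -> Tuple[Dict[str, bytes], Dict[str, object]]:
    """Pair unit A (initiator, verifier) with unit B using the PIN typed on each side.
    Returns (air, state): `air` is every value sent in the clear, i.e. what a sniffer
    captures; `state` holds the secrets each side derived."""
    air = {"addr_a": addr_a, "addr_b": addr_b, "in_rand": rng(16)}
    # 1. Initialization key.  Only IN_RAND crosses the air; the PIN never does.
    kinit_a = e22(pin_a, addr_b, air["in_rand"])
    kinit_b = e22(pin_b, addr_b, air["in_rand"])
    # 2. Combination key K_AB.  Each side sends its LK_RAND masked with Kinit and
    #    combines its own share with the peer's unmasked share.
    lk_rand_a, lk_rand_b = rng(16), rng(16)
    air["c_a"] = xor(lk_rand_a, kinit_a)                       # A -> B
    air["c_b"] = xor(lk_rand_b, kinit_b)                       # B -> A
    link_key_a = xor(e21(lk_rand_a, addr_a), e21(xor(air["c_b"], kinit_a), addr_b))
    link_key_b = xor(e21(xor(air["c_a"], kinit_b), addr_a), e21(lk_rand_b, addr_b))
    # 3. Authentication.  A challenges with AU_RAND, B answers with SRES; both
    #    sides obtain the ACO as a by-product of E1.
    air["au_rand"] = rng(16)                                   # A -> B
    sres_b, aco_b = e1(link_key_b, addr_b, air["au_rand"])
    air["sres"] = sres_b                                       # B -> A
    sres_expected, aco_a = e1(link_key_a, addr_b, air["au_rand"])
    authenticated = hmac.compare_digest(sres_expected, sres_b)
    # 4. Encryption key.  Master sends EN_RAND; Kc binds link key, EN_RAND and ACO.
    air["en_rand"] = rng(16)                                   # A -> B
    state = {
        "authenticated": authenticated,
        "link_key_a": link_key_a, "link_key_b": link_key_b,
        "kc_a": e3(link_key_a, air["en_rand"], aco_a),
        "kc_b": e3(link_key_b, air["en_rand"], aco_b),
    }
    return air, state

def offline_pin_search(air: Dict[str, bytes], candidate_pins) -> Optional[bytes]:
    """Eavesdropper: redo the whole derivation for each candidate PIN using only the
    captured values, and keep the PIN whose predicted SRES matches the captured one."""
    for pin in candidate_pins:
        kinit = e22(pin, air["addr_b"], air["in_rand"])
        lk_rand_a = xor(air["c_a"], kinit)
        lk_rand_b = xor(air["c_b"], kinit)
        link_key = xor(e21(lk_rand_a, air["addr_a"]), e21(lk_rand_b, air["addr_b"]))
        sres, _ = e1(link_key, air["addr_b"], air["au_rand"])
        if sres == air["sres"]:
            return pin
    return None

def four_digit_pins():
    """The 'normally 4 digits' keyspace: 10,000 candidates, a fraction of a second."""
    return (f"{n:04d}".encode() for n in range(10_000))

if __name__ == "__main__":
    A, B = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")  # constructed
    air, state = legacy_pairing(b"4711", b"4711", A, B)
    print("authenticated:", state["authenticated"], "Kc agrees:", state["kc_a"] == state["kc_b"])
    print("PIN recovered from the sniffed exchange:", offline_pin_search(air, four_digit_pins()))
```

Run it and the last line prints the PIN recovered purely from values that crossed the air. With mismatched PINs the two sides derive different link keys, SRES does not verify and `authenticated` comes back False. Secure Simple Pairing (Mode 4) removes this offline search by deriving the link key from an ECDH exchange instead of from the PIN.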
Packet Encryption
• The Bluetooth encryption system encrypts the payload of each packet (the access code and header stay in the clear). This is done with the stream cipher E0, which is re-synchronized for every payload.
• There are several encryption modes available (depending on whether a device uses a semi-permanent link key or a master key). If a unit key or a combination key is used, broadcast traffic is not encrypted; point-to-point traffic can be either encrypted or not.
Ways to Circumvent
Bluetooth Security
• Bluejacking
• Bluesnarfing
• Bluebugging
Bluejacking
• A spam/nuisance attack; nothing is read from the target.
• The attacker sends a phone contact or business card (a vCard over OBEX push) to another Bluetooth-enabled phone.
• The name field of the contact can be replaced with any text, or in some cases images and sound.
• Programs designed to automatically bluejack devices include Bluesniff and Bloover.
Bluesnarfing
Connecting to a device and pulling data from it without alerting the target to the request.
Used for:
- Gaining access to information on the phone, including the phonebook, images, and calendar.
Bluebugging
• The attacker controls the target device and sends commands (AT commands over a serial channel) to perform actions.
• It requires a device to be paired with the attacker.
• The attacker can make phone calls, send messages, or eavesdrop on conversations, as long as they are within range (about 10 meters, or 30 feet, for a Class 2 phone).
Built-in BackTrack Tools
• hciconfig
-Configuration tool for the Linux Bluetooth stack (BlueZ); the Bluetooth equivalent of ifconfig
• hcitool
-Enumeration tool
-Ability to scan, make connections and gather information (addresses, names, clock offsets, device classes)
hcitool -i hci0 scan
hcitool -i hci0 inq
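An added example (not BlueZ code and not part of the original slides) that parses the output of `hcitool -i hci0 inq` and decodes each Class of Device word, so devices found by the inquiry can be triaged (phone, laptop, hands-free unit) before anything connects to them. The sample output is constructed to match hcitool's line format; the field layout of the Class of Device and the class names come from the Bluetooth Assigned Numbers. The helper names (`parse_inq`, `decode_cod`, `hands_free_units`) are mine.

```python
"""Parse `hcitool -i hci0 inq` output and decode each Class of Device (CoD) word,
so devices found during inquiry can be triaged before any connection is attempted.

ADDED EXAMPLE, not part of BlueZ or of the original slides.  SAMPLE_INQ_OUTPUT is
CONSTRUCTED to match hcitool's line format (address, clock offset, class); the CoD
field layout and the class names are from the Bluetooth Assigned Numbers.
"""
import re
from typing import Dict, List

# CoD layout: bits 0-1 format type, bits 2-7 minor device class,
# bits 8-12 major device class, bits 13-23 major service classes.
MAJOR_DEVICE_CLASS = {
    0: "Miscellaneous", 1: "Computer", 2: "Phone", 3: "LAN/Network Access Point",
    4: "Audio/Video", 5: "Peripheral", 6: "Imaging", 7: "Wearable", 8: "Toy",
    9: "Health", 31: "Uncategorized",
}
MINOR_DEVICE_CLASS = {
    "Computer": {0: "Uncategorized", 1: "Desktop", 2: "Server", 3: "Laptop",
                 4: "Handheld PC/PDA", 5: "Palm-size PC/PDA", 6: "Wearable computer"},
    "Phone": {0: "Uncategorized", 1: "Cellular", 2: "Cordless", 3: "Smartphone",
              4: "Wired modem or voice gateway", 5: "Common ISDN access"},
    "Audio/Video": {0: "Uncategorized", 1: "Wearable headset", 2: "Hands-free",
                    4: "Microphone", 5: "Loudspeaker", 6: "Headphones",
                    7: "Portable audio", 8: "Car audio"},
}
SERVICE_CLASS_BITS = {
    13: "Limited Discoverable Mode", 16: "Positioning", 17: "Networking",
    18: "Rendering", 19: "Capturing", 20: "Object Transfer", 21: "Audio",
    22: "Telephony", 23: "Information",
}

# One device per line: "\t<bdaddr>\tclock offset: 0x....\tclass: 0x......"
INQ_LINE = re.compile(
    r"^\s*((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\s+"
    r"clock offset:\s*0x([0-9A-Fa-f]+)\s+class:\s*0x([0-9A-Fa-f]+)\s*$"
)

# Constructed sample: a smartphone, a car hands-free kit and a laptop.
SAMPLE_INQ_OUTPUT = """Inquiring ...
\t00:11:22:33:44:55\tclock offset: 0x1a2b\tclass: 0x5a020c
\t66:77:88:99:AA:BB\tclock offset: 0x0e4c\tclass: 0x240408
\tAA:BB:CC:DD:EE:FF\tclock offset: 0x3f10\tclass: 0x3e010c
"""

def decode_cod(cod: int) -> Dict[str, object]:
    """Split a 24-bit CoD into major class, minor class and service-class names."""
    major_code = (cod >> 8) & 0x1F
    minor_code = (cod >> 2) & 0x3F
    major = MAJOR_DEVICE_CLASS.get(major_code, f"reserved({major_code})")
    minor = MINOR_DEVICE_CLASS.get(major, {}).get(minor_code, f"minor({minor_code})")
    services = [name for bit, name in SERVICE_CLASS_BITS.items() if (cod >> bit) & 1]
    return {"major": major, "minor_name": minor, "services": services}

def parse_inq(output: str) -> List[Dict[str, object]]:
    """Turn hcitool inq output into one record per discovered device."""
    devices = []
    for line in output.splitlines():
        m = INQ_LINE.match(line)
        if not m:                      # skip the "Inquiring ..." banner and noise
            continue
        cod = int(m.group(3), 16)
        devices.append({
            "addr": m.group(1).upper(),
            "clock_offset": int(m.group(2), 16),
            "cod": cod,
            **decode_cod(cod),
        })
    return devices

def hands_free_units(devices: List[Dict[str, object]]) -> List[Dict[str, object]]:
    """Audio/Video devices advertising the Audio service: the headset and
    hands-free targets that Car Whisperer-style attacks go after."""
    return [d for d in devices
            if d["major"] == "Audio/Video" and "Audio" in d["services"]]

if __name__ == "__main__":
    found = parse_inq(SAMPLE_INQ_OUTPUT)
    for d in found:
        print(f"{d['addr']}  {d['major']:<12} {d['minor_name']:<12} {', '.join(d['services'])}")
    print("hands-free targets:", [d["addr"] for d in hands_free_units(found)])
```

Pipe real output in with `hcitool -i hci0 inq | python3 this_script.py` after swapping the constructed sample for `sys.stdin.read()`; the service bits are the quickest tell for what a device will accept (Object Transfer points at OBEX, Telephony at a phone's AT channel, Audio at a headset link).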
Tools
BlueScan
-Continuously scans for discoverable Bluetooth devices.
-Bluescan will show you the address of the device as well
as the name, manufacturer, services, open channels,
and time of discovery then gives you the option to
export the results to a log. (It's also in Spanish.)
BTScanner
-Simple program that uses all bluetooth interfaces for
scanning in a GUI format.
-Makes a list of all devices found and gives the options to
show more information.
Tools
Car Whisperer
• Connects to Bluetooth-enabled headsets or hands-free units (from trifinite.org).
• Many hands-free units ship with a fixed, well-known PIN (such as 0000 or 1234), so the attacker can pair without the owner's involvement.
• Once a connection is established, the carwhisperer program can send audio to, or record audio from, the headset. Thus attackers are able to listen in on conversations in cars.
RedFang
• Searches for hidden (non-discoverable) Bluetooth devices by trying addresses one by one
• Very slow
BlueSnarfer
• Grabs contacts and SMS from a Bluetooth-enabled phone
• Modern devices are not as susceptible
Tools
Ubertooth One
• Bluetooth sniffer that takes the 2.4 GHz radio data in the air and turns it into a stream of bits over USB to be logged and analyzed.
• Has a plugin for the popular Wi-Fi monitoring tool, Kismet.
Tools
Bluetooth Gun
• Increases the range of a Bluetooth adapter by adding an external antenna, so that a hacker can scan and attack Bluetooth devices from further away.
Sources
• A Day With Tape (September 2010). Bluetooth Mayhem. Retrieved from http://adaywithtape.blogspot.com/2010/09/bluetooth-mayhem.html
• Bluetooth SIG (Special Interest Group) (2009). Bluetooth Basics. Retrieved from http://www.bluetooth.com/English/Technology/Pages/Basics.aspx
• trifinite.org (2006). Car Whisperer. Retrieved from http://trifinite.org/trifinite_stuff_carwhisperer.html
• Dunning, JP (March 2010). SpoofTooph. Retrieved from http://www.hackfromacave.com/projects/spooftooph.html
• Gehrmann, Christian (2004). Bluetooth Security. Retrieved from http://books.google.com/books?id=-fUR0OGZ7bQC
• Hassam (2008). Types of Bluetooth Hacks and Its Security Issues. Retrieved from http://hubpages.com/hub/Types-Of-Bluetooth-Hacks-And-Its-Security-Issues
• Kunz, Thomas (2006). Ad Hoc, Mobile, and Wireless Networks. Retrieved from http://books.google.com/books?id=DjosNSlLl-gC
• McDaid, Cathel. Bluetooth Security. Retrieved from http://www.palowireless.com/bluearticles/cc1_security1.asp
• Scarfone, Karen (September 2008). Guide to Bluetooth Security: Recommendations of the National Institute of Standards and Technology (NIST SP 800-121). Retrieved from http://csrc.nist.gov/publications/nistpubs/800-121/SP800-121.pdf
• Stajano, Frank (1999). The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks. Retrieved from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.36.6723&rep=rep1&type=pdf