Transcript Document

An Analysis of
Bluetooth Security
Team A:
Padmaja Sriraman
Padmapriya Gudipati
Sreenivasulu Lekkala
Introduction
Short range radio technology which
utilizes wireless protocol.
 Can transmit data up to 100 meters.
 Composed of 8 active devices which
share a master – slave relationship.
 Developed by Bluetooth Special
Interest Group (SIG).

Types of keys
LINK KEY
SEMI TRANSPARENT
UNIT KEY
TEMPORARY KEY
COMBINATION KEY
INITIALIZATION
MASTER
CIPHERING KEY
ENCRYPTION KEY
CONSTRAINED ENCRYPTION KEY
PAYLOAD KEY
Security Architecture
Generation of initialization key
 Authentication
 Generation of link key
 Link key exchange
 Generation of encryption key

Key Pairing





Generation of initialization key: A method similar
to SAFER+ Block Cipher is used. The input to
this method is the public address of the
bluetooth unit, PIN, length of the pin and a
random number
Authentication: This process involves a
challenge-response scheme.
Link key generation: Any one type of the key is
generated.
Link key exchange: The generated key is
exchanged.
Generation of encryption key: Uses Cipher Keys
for encryption of data
Modes of Operation




Mode 1 – No Security. Authentication and
encryption are bypassed.
Mode2 –Service level security. Used after
the link connection is established.
Mode3 – Link level security. Uses the link
keys.
Mode4 – Similar to Mode2 but with
enhanced security techniques
Eavesdropping



Attacker can see and change the
payload
Easy when it is not encrypted
One solution is frequency hopping
technology



2.4 GHZ ISM band which is license free
Hops between frequencies in pseudorandom order
Difficult to pick up the signal
Impersonation

Receivers want to be sure that they receive from
original sending party
 Attacker impersonates the sending unit
• Needs to give correct response to the challenge
• Not easy, No attack on SAFER+ known

Changes the payload data
• Easy if no encryption, manipulate CRC
• Since CRC calculation is a linear task
• Attacker can compute how to modify CRC according
to modification to encrypted data
Combination key generation
K= current link key
KAB = Combination key
Pairing

Can be prone to attack if it is done in
public places

The current link key used to generate the
combination key, KAB, is derived as
KINT=E22(BD_ADDR_A, IN_RAND,PKEY)
PKEY is the secret pass key
 If an attacker can guess PKEY, he can
calculate combination key
 If PKEY is short, it becomes easy to
guess it

Authentication(ChallengeResponse)
Verifier
BD_ADDRB
Claimant
AU_RAND
Calculates
SRES’



SRES
Success if SRES’==SRES
SRES=E1(KAB,AU_RAND,BD_ADDRB)
If PKEY is small, attacker can try possible
value to get a match between SRES’ and SRES
Short passkey values should be avoided
Improper key storage

Disclosure of keys




Malicious USB plugs, Viruses, Trojan horses
Device should be paired with hosts it is
allowed on
Host should communicate only with trusted
parties
Adding link key to the database without
pairing



Device assumes that valid bonding exists
Restrict the access
Encrypt the database
Contd…

Denial of service
Delete or corrupt the link keys in the
database
 Change the CRC along with the keys
 Authentication fails repeatedly, waiting
time increases
 Solution is to request new pairing
 Need to provide good integrity
protection to the database

Location Tracking




Tracking users movements by tracking
bluetooth device
Bluetooth access codes CAC, LAC, IAC are
derived from the device address
These codes help in tracking
To prevent this devices operate in
anonymity mode updating their device
address randomly
Implementation flaws




Key database management, user
interaction, memory protection
Snarf attack – Set up connection without
consent or alerting
Backdoor attack – Erase link from list of
paired devices but not from database of
the victim. Attacker attacks the target
Bluejacking – Sending unsolicited
messages to bluetooth devices
Security for Bluetooth
Applications
•
•
•
1.
2.
3.
Bluetooth security will depend on the
application exactly how one should
use.
Some applications need more security
design than other applications because
some applications are more security
sensitive.
Here we discuss the security
mechanisms for three different
bluetooth applications.
Headset.
Network Access.
SIM Access.
Headset






The Bluetooth headset profile is used for headset
connections to mobile phones and laptops.
The security association is used to authenticate
and encrypt all communication between two
Bluetooth wireless devices.
Bluetooth pass-key usage can prevent illegal use
of stolen headset.
A typical headset configuration consists of two
devices a headset (HS) and audio gateway (AG).
AG is typically a cellular phone , laptop , PC.
The communication between HS and AG is
protected by the authentication and encryption
mechanisms.
Headset (contd..)




The HS and AG need to store the passkeys and link-keys for secure connections.
HS usually does not have the user
interface , AG will control some of the
basic settings of HS (e.g volume setting,
changing the passkey).
The pairing will only succeed if only the
AG knows the correct pass-key of HS.
If the HS is stolen , the thief will not
know the pass-key and will not succeed
to connect to the HS with another AG.
Network Access




Network access to an IP network in Bluetooth
is provided through PAN profile.
Network access points (NAcP) connected to LAN
through wired network in one side and the other
side Bluetooth wireless devices will be
connected.
NAcPs can be accessed by anybody because it is
open , but service will be restricted by service
provider , only authorized persons will be
allowed to access the network.
Suggested security architecture is built around
common access key (CAK) concept .
SIM Access




The SIM (subscription identity module)
access application is provided by a
Bluetooth profile.
A SIM card is an integrated circuit used in
GSM mobile telephone system. It is used
to hold the subscriber information.
The Bluetooth SIM access profile defines
procedures and protocols for access to a
remote SIM over a Bluetooth connection.
The SIM is used for security critical
services. The card holds secret keys and
subscriber information.
Conclusion
Bluetooth is a widely used
technology for short distance
wireless communication
 Still has security loopholes and
research is going on to improve
security

References
[1] Christian Gehrmann, Joakim Persson, Ben Smeets,
Bluetooth Security, Artech House, 2004
[2] http://www.cs.utk.edu/~tyang/wireless/blue.htm
[3] http://www.cs.utk.edu/~dasgupta/bluetooth/
[4] http://en.wikipedia.org/wiki/Bluetooth
[5]. http://www.bluetooth.com/Bluetooth/Technology