Transcript Bluetooth Security - Sameh Assem Ibrahim Homepage
Ain Shams University Faculty of Engineering Integrated Circuits Lab
Bluetooth Security
Presented by:
Mohammed Abdelsattar Ismail Sameh Talal Magd-El-Din Sameh Assem Ibrahim Ahmed Abdelhamid Saleh
1/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001
Authentication Encryption
•
Challenge-Response Scheme
•
SAFER+
•
Needed for encryption
•
Optional
•
Symmetric Stream Cipher
•
Negotiable Key Size (8-128 bits)
Bluetooth Security 2/17
PIN or Random Number Random number E 22
E
2 E 21 -Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001
K init or K master Encryption K cipher E 0 Link Keys K unit or K combination K c E E 1 3 Authentication
Bluetooth Security 3/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001 •
PIN Number
•
Initialization Key
•
Unit Key
•
User Tracking
Bluetooth Security 4/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001
Challenge-Response Scheme:
Bluetooth Security 5/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001
The authentication function E
1
:
Bluetooth Security 6/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001
E
3
-Key generation function for encryption:
Bluetooth Security 7/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001
E
2
-Key generation function for authentication:
It has two modes of operation:
1)E
21 22
mode:
# Utilized when creating unit key and combination key.
# Utilized when creating initialization key and master key.
#It also uses the function A’ r .
Bluetooth Security 8/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001
Secure and Fast Encryption Routine
•
SAFER K-64 (1993) - Cylink Corporation
•
James L. Massay of ETH Zurich
•
SAFER+ was submitted as one of the candidates to AES 1998
•
Block size = 128 bits, key size = 128 , 192 or 256 bits
•
Bluetooth: A r & A r ‘
•
128 bits block, 128 bits key, 8 rounds, Encryption only
Plaintext Block (16 bytes) Encryption Round 1 Encryption Round 8 Output Transformation Ciphertext Block (16 bytes)
2 16-Byte round subkeys 2 16-Byte round subkeys 1 16-Byte subkey
Bluetooth Security 9/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001 round_input : (127:0) Package List ieee std_logic_1164 ieee std_logic_arith ieee std_logic_unsigned
Declarations
@ + + @ @ + + @ @ + + @ @ + + @ e log log e e log log e e log log e e log log e + @ @ + + @ @ + + @ @ + + @ @ +
PHT PHT PHT PHT PHT PHT PHT PHT perm ute PHT PHT PHT PHT A r ’ PHT perm ute PHT PHT PHT PHT PHT PHT PHT PHT PHT PHT PHT perm ute Addition mod 256 – logarithmic – Bit wise XOR PHT PHT PHT PHT PHT PHT PHT PHT e: (45 i mod 257) mod 256
round_output : (127:0)
l: I=e(j)
Bluetooth Security 10/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001
Bias words B p [I]=((45 (45 17p+I+1 mod 257) mod 257)mod 256)
Bluetooth Security 11/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001
Controller KEY Scheduler Encryption Round Register
Bluetooth Security 12/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001 Bluetooth Security 13/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001 Bluetooth Security 14/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001 Bluetooth Security 15/17
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001 Bluetooth Security 16/17
Pseudo Random Number Generator
-Overview -Blocks used -Weakness -Authentication -E 1 algorithm -Key handling -E 3 -E 2 -SAFER+ -Round -Key Schedule -Implementation -Encryption -modes -Key Reduction -Engine (E 0 ) -Timing -PRNG
5-February-2001 •
Software Bluetooth Standard
•
Hardware LFSR
Non Repeating
• •
23 hr 18 min
•
3.2 kHz Randomly Generated 28 bits
•
Serial
•
128 bits
•
Parallel
Bluetooth Security 17/17