Originally Published: Tuesday, 16 October 2001 Author: Devang Shah and Anurag Phadke

The Commands Remain the Same: BlueTooth Technology and Linux

Linux.com is pleased to publish this well researched look at the emerging field of wireless networking, focusing on Bluetooth technology and Linux. Learn all about Bluetooth and even modifying the kernel (when needed) to support it.

  << Page 5 of 6  >>

A Note on Understanding Bluetooth Security

Security is a prime concern in any wireless field: no company wants its data plucked out of the air by an eavesdropper. Security was given high priority from the start in designing the Bluetooth core, in the form of authentication and encryption at the baseband layer. Frequency hopping is often described as adding some natural built-in security, but it is really an interference-resistance feature: the hop sequence is derived from the master's device address and clock, both of which a nearby receiver can learn, so it should not be counted as a secret. Take a few more steps (a strong PIN, encryption switched on) and you will have a reasonably well secured network, protected from wandering eyeballs.

The Safer Transmission of Data

Bluetooth has built-in authentication and encryption at the baseband layer; how secure a given link is depends on how these are used, above all on the PIN from which the first key is derived. In addition, a frequency-hopping scheme with 1600 hops/sec. is employed, far quicker than competing systems of the time. Together with automatic output power adaptation by both transmitter and receiver, which trims the range to what is actually required, this makes casual eavesdropping harder. Neither hopping nor power control is a cryptographic protection, though: a receiver that knows the master's address and clock can follow the hop sequence, and a sensitive antenna extends the usable range, so confidentiality has to come from the encryption described below.

Information Integrity in Bluetooth

The communicated data may have to be encrypted, or access to the device may have to be restricted by requiring authentication. Both functions are provided by the Bluetooth baseband. An application may additionally encrypt its own data for end-to-end protection, since baseband encryption covers only the radio link between two devices.

These procedures use four values:

  • the device address (BD_ADDR, 48 bits, public),
  • a private authentication key (the link key, 128 bits),
  • a private encryption key (8-128 bits, configurable, negotiated between the two devices),
  • a random number (RAND, 128 bits, freshly generated for each use).

Because the keys must stay secret, they cannot be obtained by inquiry. The security procedure requires a secret PIN to be known to the user (or stored by her application) in order to access a particular device. Since the address and the random numbers are sent in the clear, the PIN is the only secret in the initial exchange, and a short or default PIN weakens everything derived from it.

The main steps in the procedure are:

  1. The initialization key is generated by combining the PIN, its length, a random number and the device address. Note that the address, being public, adds no secrecy: it binds the key to a particular device, but the strength of the initialization key rests on the PIN alone.
  2. The authentication procedure is a challenge-response scheme of the kind used in many protocols. The verifier unit sends a random number (the challenge). The claimant computes a response from that number, the key it shares with the verifier (the initialization key on first contact, or a link key from a previous communication) and its own device address, and returns it. The verifier performs the same computation and accepts the claimant only if the two results match. Only after this exchange succeeds does data transfer proceed.
  3. The claimant may also verify the verifier with the same procedure in the other direction (mutual authentication).
  4. Each Bluetooth unit has a unit key, installed in its non-volatile memory. A device may use the initialization key to mask (XOR) this unit key and send it to the other device, which unmasks it with the same initialization key.
  5. If both devices are capable of it, they instead derive a combination link key: each side contributes a random value, masked with the initialization key while in transit, and both compute the same link key from the two contributions and the two addresses. Otherwise, the unit key of one of the devices is treated as the link key. The initialization key is then discarded.
  6. An encryption key is now generated from the link key, a random number and a ciphering offset obtained by a fixed procedure. Both devices can generate this key, as all the required inputs are known to both. This key, shortened to the negotiated length as described later, is used to encrypt data payloads.
  7. The link key is stored. If another link is to be established between the two devices at a later time, it is used directly, so no keys need to cross the channel again and data can be transmitted securely with minimal user interaction. This also means a stored link key is as valuable as the PIN it came from and must be protected accordingly.
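As an added example (not code from the article, nor from any Bluetooth stack), the following Python script walks through steps 1 to 7 above between two simulated devices and then shows the consequence of the caveat in step 1: since the address and the random numbers cross the air in the clear, a listener who captured them can test candidate PINs offline against the challenge/response pair. The baseband functions E22, E21, E1 and E3 are SAFER+ based in the real specification; here a keyed HMAC-SHA256 stands in for all of them, truncation stands in for the key-length reduction, and the addresses, PINs and random values are constructed, so the script demonstrates the data flow and the trust assumptions, not the real cipher.

```python
"""Toy walk-through of the seven-step pairing procedure above.

Added example, not code from the article. The baseband functions E22, E21,
E1 and E3 are SAFER+ based in the real specification; here a keyed HMAC-SHA256
stands in for all of them (an assumption) so that only the data flow is shown.
All addresses, PINs and random values are constructed for the example.
"""
import hashlib
import hmac
import os
from typing import Callable, Dict, Optional, Tuple

KEY_LEN = 16  # 128-bit keys, as in the Bluetooth baseband


def prf(key: bytes, *parts: bytes) -> bytes:
    """Stand-in for E22/E21/E1/E3 (assumption: any keyed PRF shows the flow)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()[:KEY_LEN]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def init_key(pin: bytes, in_rand: bytes, bd_addr: bytes) -> bytes:
    """Step 1: K_init from PIN, PIN length, IN_RAND and the (public) address."""
    return prf(pin, bytes([len(pin)]), in_rand, bd_addr)


def sres(key: bytes, au_rand: bytes, claimant_addr: bytes) -> bytes:
    """Step 2: claimant's response to a challenge; SRES is 32 bits in the spec."""
    return prf(key, au_rand, claimant_addr)[:4]


def combination_key(rand_a: bytes, addr_a: bytes, rand_b: bytes, addr_b: bytes) -> bytes:
    """Step 5: K_AB = E21(LK_RAND_A, BD_ADDR_A) xor E21(LK_RAND_B, BD_ADDR_B)."""
    return xor(prf(rand_a, addr_a), prf(rand_b, addr_b))


def encryption_key(link_key: bytes, en_rand: bytes, cof: bytes, key_bytes: int) -> bytes:
    """Step 6: K_C = E3(link key, EN_RAND, COF), cut to the negotiated 8..128
    bits. Truncation stands in for the spec's polynomial reduction (assumption)."""
    if not 1 <= key_bytes <= KEY_LEN:
        raise ValueError("encryption key length must be 8..128 bits")
    return prf(link_key, en_rand, cof)[:key_bytes]


def pair(pin_a: bytes, addr_a: bytes, addr_b: bytes, pin_b: Optional[bytes] = None,
         rng: Callable[[int], bytes] = os.urandom) -> Tuple[bytes, bytes, Dict[str, bytes]]:
    """Steps 1-7 between A (verifier) and B (claimant). Returns the link key
    each side ends with and everything that crossed the air in the clear."""
    pin_b = pin_a if pin_b is None else pin_b
    in_rand = rng(KEY_LEN)                        # A -> B, in the clear
    k_init_a = init_key(pin_a, in_rand, addr_b)   # which party's address is used
    k_init_b = init_key(pin_b, in_rand, addr_b)   # is a spec detail; B's assumed
    au_rand = rng(KEY_LEN)                        # A -> B challenge, in the clear
    sres_b = sres(k_init_b, au_rand, addr_b)      # B -> A response, in the clear
    if not hmac.compare_digest(sres(k_init_a, au_rand, addr_b), sres_b):
        raise ValueError("authentication failed: PINs do not match")
    lk_rand_a, lk_rand_b = rng(KEY_LEN), rng(KEY_LEN)
    masked_a = xor(lk_rand_a, k_init_a)           # A -> B, masked with K_init
    masked_b = xor(lk_rand_b, k_init_b)           # B -> A, masked with K_init
    link_a = combination_key(lk_rand_a, addr_a, xor(masked_b, k_init_a), addr_b)
    link_b = combination_key(xor(masked_a, k_init_b), addr_a, lk_rand_b, addr_b)
    # Step 7: K_init is discarded; each side stores its link key for reuse.
    seen = dict(in_rand=in_rand, au_rand=au_rand, sres=sres_b,
                addr_a=addr_a, addr_b=addr_b)
    return link_a, link_b, seen


def recover_pin(seen: Dict[str, bytes], digits: int = 4) -> Optional[bytes]:
    """The caveat from step 1 made concrete: every input to K_init except the
    PIN was sent in the clear, so a listener can test numeric PINs offline
    against the captured challenge/response pair."""
    for n in range(10 ** digits):
        guess = str(n).zfill(digits).encode()
        k = init_key(guess, seen["in_rand"], seen["addr_b"])
        if sres(k, seen["au_rand"], seen["addr_b"]) == seen["sres"]:
            return guess
    return None


if __name__ == "__main__":
    addr_a = bytes.fromhex("001122334455")        # constructed BD_ADDRs
    addr_b = bytes.fromhex("66778899aabb")
    link_a, link_b, seen = pair(b"1234", addr_a, addr_b)
    assert link_a == link_b
    # COF stand-in: A's address (assumption); 8 bytes = a 64-bit payload key
    k_c = encryption_key(link_a, os.urandom(KEY_LEN), addr_a, 8)
    print("link key:", link_a.hex(), "| 64-bit K_C:", k_c.hex(),
          "| PIN recovered from the air:", recover_pin(seen))
```

Run the script directly: it prints the link key both sides agreed on, a shortened encryption key, and the four-digit PIN recovered purely from values an eavesdropper would have seen. The XOR masking in step 5 hides the random contributions only from a listener who does not know K_init, which is exactly what the offline PIN search yields, so the recovered PIN compromises the link key as well.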



