- •Contents
- •Preface
- •1 Introduction
- •1.1 Bluetooth system basics
- •1.1.1 Background
- •1.1.2 Trade-offs
- •1.1.3 Bluetooth protocol stack
- •1.1.4 Physical layer
- •1.1.5 Baseband
- •1.1.6 Link manager protocol
- •1.1.7 Logical link control and adaptation protocol
- •1.1.8 Host control interface
- •1.1.9 Profiles
- •1.2 Bluetooth security basics
- •1.2.1 User scenarios
- •1.2.2 Notions and terminology
- •References
- •2.1 Key types
- •2.2 Pairing and user interaction
- •2.3 Authentication
- •2.4 Link privacy
- •2.4.1 Protect the link
- •2.4.2 Encryption algorithm
- •2.4.3 Mode of operation
- •2.4.4 Unicast and broadcast
- •2.5 Communication security policies
- •2.5.1 Security modes
- •2.5.2 Security policy management
- •References
- •3 Bluetooth Pairing and Key Management
- •3.1 Pairing in Bluetooth
- •3.2 HCI protocol
- •3.3 LM protocol
- •3.4 Baseband events
- •3.4.1 Initialization key generation
- •3.4.2 Unit key generation
- •3.4.3 Combination key generation
- •3.4.4 Authentication
- •3.4.5 Master key generation
- •3.5 User interaction
- •3.6 Cipher key generation
- •3.7 Key databases
- •3.7.1 Unit keys generation requirements
- •3.7.2 Combination key generation requirements
- •3.7.3 Key databases
- •3.7.4 Semipermanent keys for temporary use
- •References
- •4 Algorithms
- •4.1 Crypto algorithm selection
- •4.1.1 Block ciphers
- •4.1.2 Stream ciphers
- •4.2 SAFER+
- •4.3 Encryption engine
- •4.4 Ciphering algorithm E0
- •4.4.1 Initialization
- •4.5 Implementation aspects
- •References
- •5 Broadcast Encryption
- •5.1 Overview
- •5.2 Preparing for broadcast encryption
- •5.3 Switching to broadcast encryption
- •References
- •6 Security Policies and Access Control
- •6.1 Objectives
- •6.1.1 Trust relations
- •6.1.2 Security levels
- •6.1.3 Flexibility
- •6.1.4 Implementation considerations
- •6.2 Security manager architecture
- •6.2.1 Overview
- •6.2.2 Device trust level
- •6.2.3 Security level for services
- •6.2.4 Connection setup
- •6.2.5 Database contents and registration procedure
- •Reference
- •7 Attacks, Strengths, and Weaknesses
- •7.1 Eavesdropping
- •7.2 Impersonation
- •7.3 Pairing
- •7.4 Improper key storage
- •7.4.1 Disclosure of keys
- •7.4.2 Tampering with keys
- •7.4.3 Denial of service
- •7.5 Unit key
- •7.6 Location tracking
- •7.6.1 Bluetooth device address and location tracking
- •7.6.2 Five different types of location tracking attacks
- •7.7 Implementation flaws
- •References
- •8 Providing Anonymity
- •8.1 Overview of the anonymity mode
- •8.2 Address usage
- •8.3 Modes of operation
- •8.4 Inquiry and paging
- •8.4.1 Connectable mode
- •8.4.2 Private connectable mode
- •8.4.3 General connectable mode
- •8.5 Alias authentication
- •8.6 Pairing
- •8.7 Anonymity mode LMP commands
- •8.8 Pairing example
- •References
- •9 Key Management Extensions
- •9.1 Improved pairing
- •9.1.1 Requirements on an improved pairing protocol
- •9.1.2 Improved pairing protocol
- •9.1.3 Implementation aspects and complexity
- •9.2 Higher layer key exchange
- •9.2.2 Higher layer key exchange with EAP TLS
- •9.3 Autonomous trust delegation
- •9.3.1 Security group extension method
- •9.3.3 Group extension method versus public key method
- •References
- •10 Security for Bluetooth Applications
- •10.1 Headset
- •10.1.1 Headset security model
- •10.1.2 Pass-key and key management
- •10.1.3 Example
- •10.2 Network access
- •10.2.1 Common access keys
- •10.2.2 Security architecture
- •10.2.3 Network service subscription
- •10.2.4 Initial connection
- •10.2.5 Subsequent access to NAcPs
- •10.3 SIM access
- •10.3.1 The SIM access profile
- •10.3.2 Securing SIM access
- •References
- •Glossary
- •List of Acronyms and Abbreviations
- •About the Authors
- •Index
164 |
Bluetooth Security |
the standard Bluetooth pairing, which is not the case for the PCD-based approach.
References
[1]Kügler, D., “Man in the Middle Attacks on Bluetooth,” revised papers, in R. N. Wright, ed., Financial Cryptography, 7th International Conf., FC 2003, Guadeloup, No. 2742 in LNCS, Springer-Verlag, 2003, pp. 149–61.
[2]Jakobsson, M., and S. Wetzel, “Security Weaknesses in Bluetooth,” in D. Naccache, (ed.), Proc. RSA Conf. 2001, No. 2020 in LNCS, San Francisco: Springer-Verlag, April 8–12, 2001.
[3]Diffie, W., and M. E. Hellman, “New Directions in Cryptography,” IEEE Trans. Information Theory, Vol. 22, 1976, pp. 644–654.
[4]Shamir, A., R. L. Rivest, and L. Adleman, “A Method for Obtaining Digital Signatures and Public Key Cryptosystems,” Comm. ACM, Vol. 21, 1978, pp. 294–299.
[5]Stajano, F., and R. Anderson, “The Resurrecting Duckling: Security Issues for ad-hoc Wireless Networks,” Security Protocols, 7th International Workshop, No. 1796 in LNCS, Cambridge: Springer-Verlag, April 1999.
[6]Maher, D., “Secure Communication Method and Apparatus,” U.S. Patent No. 5,450,492, 1995.
[7]Sovio, S., et al. “D13, Annex 2, Specification of a Security Architecture for Distributed Terminals,” Report IST-2000-25250, IST project SHAMAN, 2002.
[8]Larsson, J.-O., “Higher Layer Key Exchange Techniques for Bluetooth Security,” Open Group Conf., Amsterdam, October 24, 2001.
[9]van Oorschot, P. C., A. J. Menezes, and S. A. Vanstone, Handbook of Applied Cryptography, Boca Raton, FL: CRC Press, 1997.
[10]Jain, S. K., P. B. Bhattacharya, and S. R. Nagpaul, Basic Abstract Algebra, Cambridge: Cambridge University Press, 1986.
[11]NIST, FIPS 180-1, Secure Hash Standard, National Technical Information Service, Springfield, VA, April 1995.
[12]Simmons, G. J., “A Survey of Information Authentication,” in G. J. Simmons, (ed.), Contemporary Cryptology, The Science of Information Integrity, New York: IEEE Press, 1992, pp. 379–420.
[13]Reed, I. S., and G. Solomon, “Polynomial Codes over Certain Finite Fields,” J. Society for Industrial and Applied Mathematics, Vol. 8, 1960, pp. 300–304.
[14]Menezes, A. J., Elliptic Curve Public Key Cryptosystems, Dordrecht: Kluwer, 1993.
[15]Bluetooth Special Interest Group, Specification of the Bluetooth System, Version 1.1, Profiles, Part K:1O Object Exchange Profile, February 2001.
Key Management Extensions |
165 |
|
|
[16]Bluetooth Special Interest Group, Specification of the Bluetooth System, Version 1.0, Personal Area Networking Profile, February 2003.
[17]Bunk, L., and J. Vollbrecht, PPP Extensible Authentication Protocol (EAP), RFC 2284, March 1998.
[18]IEEE, IEEE Std., 802.1x-2001, Version 2001, Port-Based Network Access Control, June 2001.
[19]IEEE, Standard Specifications for Public Key Cryptography, IEEE Std. 1353-2000, 2000.
[20]ANSI, Public Key Cryptography for the Financial Services Industry: Key Agreement and Key Transport Using Elliptic Curve Cryptography, ANSI X.9.63, 2001, 2001.
[21]Blake-Wilson, S., “Higher Layer Key Exchange in Bluetooth,” manuscript, private communication, 2001.
[22]Bluetooth Special Interest Group, Specification of the Bluetooth System, Version 1.0, Bluetooth Network Encapsulation Protocol (BNEP) Specification, February 2003.
[23]Kohl, J., and C. Neuman, The Kerberos Network Authentication Service (V5), RFC 1510, September 1993.
[24]Aboba, B., and D. Simon, PPP EAP TLS Authentication Protocol, RFC 2716, October 1999.
[25]Dierks, T., and C. Allen, The TLS Protocol, Version 1.0, RFC 2246, January 1999.
[26]Kent, S., and R. Atkinson, IP Encapsulating Security Payload (ESP), RFC 1827, November 1998.
[27]Kent, S., and R. Atkinson, IP Authentication Header, RFC 2402, November 1998.
[28]Gehrmann, C., and K. Nyberg, “Security in Personal Area Networks,” in Security for Mobility, Herts: IEE, 2004.
[29]Mitchell, C., et al, “D13, Annex 3, wp3—Final Technical Report,” Report IST-2000-25250, IST project SHAMAN, 2002.
[30]Mitchell, C., and R. Schaffelhofer, “The Personal PKI,” in Security for Mobility, Herts: IEE, 2004.
[31]“Information Technology—Open System Interconnection—The Directory: Authentication Framework,” ISO/IEC 9594-8, 1995.
[32]RSA Data Security Inc., Redwood City, CA, PKCS #10: Certification Request Syntax Standard, v1.7, 2000.