- •Contents
- •Preface
- •1 Introduction
- •1.1 Bluetooth system basics
- •1.1.1 Background
- •1.1.2 Trade-offs
- •1.1.3 Bluetooth protocol stack
- •1.1.4 Physical layer
- •1.1.5 Baseband
- •1.1.6 Link manager protocol
- •1.1.7 Logical link control and adaptation protocol
- •1.1.8 Host control interface
- •1.1.9 Profiles
- •1.2 Bluetooth security basics
- •1.2.1 User scenarios
- •1.2.2 Notions and terminology
- •References
- •2.1 Key types
- •2.2 Pairing and user interaction
- •2.3 Authentication
- •2.4 Link privacy
- •2.4.1 Protect the link
- •2.4.2 Encryption algorithm
- •2.4.3 Mode of operation
- •2.4.4 Unicast and broadcast
- •2.5 Communication security policies
- •2.5.1 Security modes
- •2.5.2 Security policy management
- •References
- •3 Bluetooth Pairing and Key Management
- •3.1 Pairing in Bluetooth
- •3.2 HCI protocol
- •3.3 LM protocol
- •3.4 Baseband events
- •3.4.1 Initialization key generation
- •3.4.2 Unit key generation
- •3.4.3 Combination key generation
- •3.4.4 Authentication
- •3.4.5 Master key generation
- •3.5 User interaction
- •3.6 Cipher key generation
- •3.7 Key databases
- •3.7.1 Unit keys generation requirements
- •3.7.2 Combination key generation requirements
- •3.7.3 Key databases
- •3.7.4 Semipermanent keys for temporary use
- •References
- •4 Algorithms
- •4.1 Crypto algorithm selection
- •4.1.1 Block ciphers
- •4.1.2 Stream ciphers
- •4.2 SAFER+
- •4.3 Encryption engine
- •4.4 Ciphering algorithm E0
- •4.4.1 Initialization
- •4.5 Implementation aspects
- •References
- •5 Broadcast Encryption
- •5.1 Overview
- •5.2 Preparing for broadcast encryption
- •5.3 Switching to broadcast encryption
- •References
- •6 Security Policies and Access Control
- •6.1 Objectives
- •6.1.1 Trust relations
- •6.1.2 Security levels
- •6.1.3 Flexibility
- •6.1.4 Implementation considerations
- •6.2 Security manager architecture
- •6.2.1 Overview
- •6.2.2 Device trust level
- •6.2.3 Security level for services
- •6.2.4 Connection setup
- •6.2.5 Database contents and registration procedure
- •Reference
- •7 Attacks, Strengths, and Weaknesses
- •7.1 Eavesdropping
- •7.2 Impersonation
- •7.3 Pairing
- •7.4 Improper key storage
- •7.4.1 Disclosure of keys
- •7.4.2 Tampering with keys
- •7.4.3 Denial of service
- •7.5 Unit key
- •7.6 Location tracking
- •7.6.1 Bluetooth device address and location tracking
- •7.6.2 Five different types of location tracking attacks
- •7.7 Implementation flaws
- •References
- •8 Providing Anonymity
- •8.1 Overview of the anonymity mode
- •8.2 Address usage
- •8.3 Modes of operation
- •8.4 Inquiry and paging
- •8.4.1 Connectable mode
- •8.4.2 Private connectable mode
- •8.4.3 General connectable mode
- •8.5 Alias authentication
- •8.6 Pairing
- •8.7 Anonymity mode LMP commands
- •8.8 Pairing example
- •References
- •9 Key Management Extensions
- •9.1 Improved pairing
- •9.1.1 Requirements on an improved pairing protocol
- •9.1.2 Improved pairing protocol
- •9.1.3 Implementation aspects and complexity
- •9.2 Higher layer key exchange
- •9.2.2 Higher layer key exchange with EAP TLS
- •9.3 Autonomous trust delegation
- •9.3.1 Security group extension method
- •9.3.3 Group extension method versus public key method
- •References
- •10 Security for Bluetooth Applications
- •10.1 Headset
- •10.1.1 Headset security model
- •10.1.2 Pass-key and key management
- •10.1.3 Example
- •10.2 Network access
- •10.2.1 Common access keys
- •10.2.2 Security architecture
- •10.2.3 Network service subscription
- •10.2.4 Initial connection
- •10.2.5 Subsequent access to NAcPs
- •10.3 SIM access
- •10.3.1 The SIM access profile
- •10.3.2 Securing SIM access
- •References
- •Glossary
- •List of Acronyms and Abbreviations
- •About the Authors
- •Index
184 |
Bluetooth Security |
Client |
Server |
|
|
Security filter |
|
M |
Check if |
|
|
access is |
Access control |
|
granted? |
|
Response |
If OK, forward |
database |
|
||
M to SIM |
|
|
|
|
|
|
M |
|
|
SIM |
|
Figure 10.7 Access control to a SIM.
process or a security filter will check all messages from the client to the subscription module, as is illustrated in Figure 10.7. The filter makes sure that only messages allowed according to the access database are forwarded to the subscription module.
Another security problem with the SIM access profile is that the PIN needed to open the SIM is sent from the client to the server. This means that if the client device is untrusted or infected by malicious software, the PIN for the card can be intercepted by a third party. To avoid this, the access filter in Figure 10.7 shall not accept PIN commands from the client, but demand the SIM to be opened from the server device. Then the user must enter the SIM PIN into the trusted server device before the SIM access profile connection is set up. Clearly, this implies that a proper input interface must be present at the SIM access server.
References
[1]Bluetooth Special Interest Group, Bluetooth Security White Paper, Version 1.0, 19 April 2002.
[2]Gehrmann, C., and K. Nyberg, “Enhancements to Bluetooth Baseband Security,” Proc. Nordsec 2001, Copenhagen, November 2001, pp. 39–53.
[3]Bluetooth Special Interest Group, Specification of the Bluetooth System, Version 1.1, Profiles, Part K:6 Headset Profile, February 2001.
[4]Bluetooth Special Interest Group, Specification of the Bluetooth System, Version 1.0, Personal Area Networking Profile, February 2003.
[5]Bluetooth Special Interest Group, Specification of the Bluetooth System, Version 1.0, Bluetooth Network Encapsulation Protocol (BNEP) Specification, February 2003.
Security for Bluetooth Applications |
185 |
|
|
[6]IEEE, IEEE Std., 802.1x-2001, Version 2001, Port-Based Network Access Control, June 2001.
[7]Dierks, T., and C. Allen, The TLS Protocol, Version 1.0, RFC 2246, January 1999.
[8]Kent, S., and R. Atkinson, IP Encapsulating Security Payload (ESP), RFC 1827, November 1998.
[9]3rd Generation Partnership Programme, 3GPP TS 11.11, Specification of the Subscriber Identity Module Mobile Equipment (SIM-ME) Interface, Version 8.10.0, September 2003.
[10]International Organization for Standardization, ISO/IEC 7816-3 Information Technol- ogy—Identification Cards Integrated Circuit(s) Cards with Contacts—Part 3: Electronic Signals and Transmission Protocols, 2nd ed., 1997.
[11]Bluetooth Special Interest Group, Specification of the Bluetooth System, Version 0.95, SIM Access Profile Specification, June 2002.