“I don’t have to be careful, I’ve got a gun.” security Bluetooth Lauri Mikkola “I don’t have to be careful, I’ve got a gun.” -Homer Simpson

About Bluetooth Developed by a group called Bluetooth Special Interest Group (SIG), formed in may 1998 Founding members were Ericsson, Nokia, Intel, IBM and Toshiba Bluetooth connects different wireless devises, like laptops, mobile phones, PDAs, refrigerators etc. Bluetooth is intended to distances about 10 meters (piconet) 13.11.2018

Bluetooth details Utilizes the 2.45Ghz ISM-band Uses fast frequency-hopping spread spectrum (FHSS) technique between 79 frequencies 1600/s Can give bit rates up to 1 Mbps Piconet consist of max 8 nodes Low cost ( ~5€ ) and small size 13.11.2018

Bluetooth components Radio unit Baseband unit TDD and FHSS Baseband unit Voice to data conversion, packet segmentation, master/slave communication, identification of parties, control authorization Link Management Protocol (LMP) Set up connections and implement security features like key exchanges and encryption Logical Link Control and Adaptation Protocol (L2CAP) Multiplexing, packer segmentation/reassemly, QoS Service Discovery Protocol (SDP) Queries a Bluetooth devise and checks what services it supports 13.11.2018

Bluetooth protocol Architecture 13.11.2018

Bluetooth security features The Bluetooth specification include security features at the link level Supports authorization, authentication and encryption Based on a secret link key that is shared by a pair of devices Link key generated by a pairing procedure when two devices communicate for the first time 13.11.2018

Security modes of Bluetooth(1) No security, for testing only. Allows other Bluetooth devices initiate connections with it, PUSH messages Security mode 2 A device does not initiate security procedures before establishment of the link between the devices at the L2CAP level. Trusted and untrusted devices Security polices can flexible impose different trust levels: authentication, authorisation and encyrption 13.11.2018

Security modes of Bluetooth (2) Security at the Baseband level Security manager imposes security policies LMP makes encryption and key exchanges 13.11.2018

Key Management (1) Link keys All keys are 128bit random numbers and are either temporary or semi-permanent Unit key KA , unique long-term private key of a device Combination key KAB derived from units A and B. Generated for each pair of devices Master key Kmaster ,used when master device wants to transmit to several devices at once Initialization key Kinit ,used in the initialization process. 13.11.2018

Key Management (2) Encryption key PIN Code Derived from the current link key. Each time encryption is needed the encryption key will be automatically changed Separated from authentication key PIN Code Fixed or selected by the user Usually 4 digits, can be 8 to 128 bits Shared secret 13.11.2018

Establishment of Initialization Key (Pairing) 13.11.2018

Verification of Initialization Key (Pairing) 13.11.2018

Establishment of Link Key (1) (Pairing) Link key of devices A and B = unit key KA of device A 13.11.2018

Establishment of Link Key (2) (Pairing) Link key of devices A and B = combination key KAB 13.11.2018

Authentication and Encryption Authentication by issuing a challenge to another device The other device replies to challenge with a message based on the challenge, the Device address and the shared link key. The device that issued the challenge verifies the response and authenticates if the response is equals to it’s own calculations. Encryption is based on the 4 LFSR algorithm 13.11.2018

Bluetooth security weaknesses (1) Unlike in 802.11b WLAN, the security algorithms of Bluetooth are considered strong. However there are some attack possibilities PIN weakness Initial authentication is based on a PIN that can be anywhere between 8-128 bits. If poorly chosen can be easy to guess Impersonation A hacker can scan the MIN and ESN and pretend to be someone else Stealing the Unit Key Only the device is authenticated, not the user Replay attacks A hacker can record Bluetooth transmissions in all 79 frequencies and then in some way figure out frequency hopping sequence and then replay the whole transmission. 13.11.2018

Bluetooth security weaknesses (2) Man in the middle Bluetooth authentication is not based on public key certificates. It is possible to play man in the middle Location attack A Bluetooth device has (globally) a unique identification number, therefore it is possible to identify and locate users position Denial-of-Service attack Jamming the whole ISM band, takes lot of energy Put so many Bluetooth devices that the band is consumed Try to connect, authentication fails, but a legal client will not get through either 13.11.2018

How to avoid being attacked Paring is the most critical moment of a attack Paring should be performed in a most secure place Long PIN numbers are strongly encouraged Avoid using unit keys. Use combination keys To check default settings of device Chose to respond only to inquiries of known devices Do not save PIN permanently in memory 13.11.2018

For the paranoid MobileCloak Cloaktec Shied (fabric) Nylon Shell Blocks 10Mhz to 20Ghz signal Nylon Shell Lightweight Only $34 www.mobliecloak.com mCloak r5TM for Bluetooth 13.11.2018