Distributed systems – Part 2 Bluetooth 4 Anila Mjeda
2 Bluetooth Profiles In order to offer interoperability and to provide support for specific applications, the Bluetooth SIG has developed a set of Bluetooth profiles. A profile defines an unambiguous description of the communication interface between two units for one particular service.
3 Bluetooth Profiles Fig 1: Bluetooth profiles All other Bluetooth profiles make use of the Generic Access Profile
4 Generic Access Profile (GAP) The Generic Access Profile defines the generic procedure related to the discovery of Bluetooth devices and the link management aspects of connecting to Bluetooth devices. The GAP also defines the different basic security procedures of a Bluetooth device.
5 Need for Security in Bluetooth Anyone with a Bluetooth device can potentially connect to your Bluetooth device, gaining access to data without your knowledge and permission Security needs depend on the application being developed. Ultimately, the decision on how to implement security is up to the application developer. * Information on this slide comes from
6 Bluetooth Security Toolbox The Bluetooth “security toolbox” is based on the three components: Authentication: used to verify the identity of a device Authorization: determines if a device is to be granted access to specific services offered by another device Encryption: protects data by encoding it prior to transmission
7 Pairing Pairing -> procedure involving exchanging (link management) packets to establish a temporary key, called an initialization key (K init ), for use between two Bluetooth devices wishing to communicate for the first time The pairing procedure requires that an identical Personal Identification Number (PIN) be made available to both devices An application must ask the user for the PIN and deliver it to the Bluetooth stack * Information on this slide comes from
8 Authentication During authentication a device determines whether or not it shares a common authentication key with another device. If two devices are new to one another, the pairing procedure is needed to create the initialization key K init This initialization key is then used to create a semi-permanent authentication key (K AB ) which is authenticated * Information on this slide comes from
9 Bonding Bonding refers to the entire process of link- creating, pairing, creation of semi-permanent authentication key K AB, and authentication Once devices are bonded, pairing does not have to be done again and authentication can proceed (using K AB ) without the need for PIN entry If a device is requested to bond with another device that it already possesses an authentication key for, this key is erased. Pairing is then initiated, establishing another authentication K AB * Information on this slide comes from
10 Authorization Authorization is needed before a device is given permission to access a particular service Authorization requires that Requesting device is authenticated Service being requested is reported to device providing service Device determines whether or not to permit access to service * Information on this slide comes from
11 Trust Trust is an attribute that links authorization permission to a particular device If a device is marked as Trusted, then the authorization process can completed successfully without user interaction Trust can be granted both temporarily and permanently Permanent Trust is usually granted during the initial authorization via A Man-Machine Interface (MMI) A Man-Machine Interface (MMI) is often used to grant Trust * Information on this slide comes from
12 Encryption Encryption relies upon a special encryption key (K c ) generated from the stored authentication key K AB It is not possible to prevent the interception of data that is transmitted wirelessly * Information on this slide comes from
13 Security Modes A Bluetooth connectable device can operate in three different security modes: Security mode 1: A Bluetooth unit in security mode 1 never initiates any security procedures; that is, it never demands authentication or encryption of the Bluetooth link. Security mode 2: When a Bluetooth unit is operating in security mode 2, it shall not initiate any security procedures, that is, demand authentication or encryption of the Bluetooth link, at link establishment. Instead, security is enforced at channel (L2CAP) or connection (e.g., Service Discovery Protocol, RFCOMM) establishment. Security mode 3: When a Bluetooth unit is in security mode 3, it shall initiate security procedures before the link setup is completed. * Information on this slide comes from
14 Security Mode 1 Security mode 1 is the “unsecured” mode in Bluetooth. A unit that offers its service to all connecting devices operates in security mode 1. This implies that the unit does not demand authentication or encryption at connection establishment. For example, an access point that offers information services to anybody is a possible usage scenario for security mode 1. Supporting authentication is mandatory and a unit in security mode 1 must respond to any authentication challenge. However, the unit will never send an authentication challenge itself and mutual authentication is never performed. A unit in security mode 1 that does not support encryption will refuse any request for that. On the other hand, if encryption is supported, the unit should accept a request for switching encryption on. * Information on this slide comes from
15 Security Mode 2 Security mode 2 has been defined in order to provide better flexibility in the use of Bluetooth link-level security. In security mode 2, no security procedures are initiated until a channel or connection request has been received. This means that it is up to the application or service to ask for security. Only when the application or service requires it will the authentication and/or encryption mechanisms be switched on. A sophisticated authentication and encryption policy based on the baseband mechanisms can be implemented using this principle. Security mechanisms enforcement and policy handling must be taken care of by the unit. One possibility is to use a “security manager” to handle this. Security mode 2 comes at the price of higher implementation complexity and the risk of faulty security policies that might compromise the security of the unit. * Information on this slide comes from
16 Security mode 3 In security mode 3, security procedures (authentication and/or encryption) are enforced at connection establishment. Security mode 3 is a simple, always-on security policy. The implementation is easy and that reduces the risks of any security implementation mistakes. The drawback is the lack of flexibility. The unit will not be generally accessible. All connecting units need to be authenticated. * Information on this slide comes from
17 Important Note! Note that in Security Mode 2 the device initiates security procedures after the channel is established (at the higher layers), while in Security Mode 3 the device initiates security procedures before the channel is established (at the lower layers). * Information on this slide comes from
18 Bibliography Bluetooth tutorial: h/tutorial.asp h/tutorial.asp Several tutorials on Bluetooth :