ebook img

Bluetooth Security PDF

222 Pages·2004·1.495 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Bluetooth Security

Bluetooth Security ForalistingofrecenttitlesintheArtechHouseComputerSecurityLibrary, turntothebackofthisbook. Bluetooth Security Christian Gehrmann Joakim Persson Ben Smeets Artech House Boston • London www.artechhouse.com LibraryofCongressCataloging-in-PublicationData AcatalogrecordforthisbookisavailablefromtheU.S.LibraryofCongress. BritishLibraryCataloguinginPublicationData Gehrmann,Christian Bluetoothsecurity.—(ArtechHousecomputinglibrary) 1.Bluetoothtechnology—Securitymeasures 2.Computersecurity I.Title II.Persson,Joakim III.Smeets,Ben 005.8 ISBN1-58053-504-6 CoverdesignbyIgorValdman ©2004ARTECHHOUSE,INC. 685CantonStreet Norwood,MA02062 All rights reserved. Printed and bound in the United States of America. No part of this book maybereproducedorutilizedinanyformorbyanymeans,electronicormechanical,including photocopying,recording,orbyanyinformationstorageandretrievalsystem,withoutpermission inwritingfromthepublisher. Alltermsmentionedinthisbookthatareknowntobetrademarksorservicemarkshavebeen appropriatelycapitalized.ArtechHousecannotattesttotheaccuracyofthisinformation.Useof aterminthisbookshouldnotberegardedasaffectingthevalidityofanytrademarkorservice mark. InternationalStandardBookNumber:1-58053-504-6 10987654321 Contents Preface xi PartI:BluetoothSecurityBasics 1 1 Introduction 3 1.1 Bluetoothsystembasics 3 1.1.1 Background 3 1.1.2 Trade-offs 4 1.1.3 Bluetoothprotocolstack 4 1.1.4 Physicallayer 6 1.1.5 Baseband 7 1.1.6 Linkmanagerprotocol 13 1.1.7 Logicallinkcontrolandadaptationprotocol 15 1.1.8 Hostcontrolinterface 15 1.1.9 Profiles 17 1.2 Bluetoothsecuritybasics 19 1.2.1 Userscenarios 19 1.2.2 Notionsandterminology 22 References 25 v vi BluetoothSecurity 2 OverviewoftheBluetoothSecurityArchitecture 27 2.1 Keytypes 27 2.2 Pairinganduserinteraction 29 2.3 Authentication 30 2.4 Linkprivacy 31 2.4.1 Protectthelink 32 2.4.2 Encryptionalgorithm 32 2.4.3 Modeofoperation 34 2.4.4 Unicastandbroadcast 36 2.5 Communicationsecuritypolicies 37 2.5.1 Securitymodes 38 2.5.2 Securitypolicymanagement 42 References 42 3 BluetoothPairingandKeyManagement 43 3.1 PairinginBluetooth 43 3.2 HCIprotocol 44 3.3 LMprotocol 45 3.4 Basebandevents 46 3.4.1 Initializationkeygeneration 47 3.4.2 Unitkeygeneration 47 3.4.3 Combinationkeygeneration 49 3.4.4 Authentication 50 3.4.5 Masterkeygeneration 52 3.5 Userinteraction 53 3.6 Cipherkeygeneration 54 3.6.1 EncryptionkeyK 54 C 3.6.2 ConstraintkeyK′ 55 C 3.6.3 PayloadkeyK 57 P 3.7 Keydatabases 58 3.7.1 Unitkeysgenerationrequirements 58 3.7.2 Combinationkeygenerationrequirements 58 Contents vii 3.7.3 Keydatabases 60 3.7.4 Semipermanentkeysfortemporaryuse 63 References 63 4 Algorithms 65 4.1 Cryptoalgorithmselection 65 4.1.1 Blockciphers 65 4.1.2 Streamciphers 66 4.2 SAFER+ 67 4.2.1 AuthenticationalgorithmE 70 1 4.2.2 UnitkeyalgorithmE 71 21 4.2.3 InitialkeyalgorithmE 72 22 4.2.4 EncryptionkeyalgorithmE 73 3 4.3 Encryptionengine 73 4.4 CipheringalgorithmE 74 0 4.4.1 Initialization 77 4.5 Implementationaspects 79 References 80 5 BroadcastEncryption 81 5.1 Overview 81 5.2 Preparingforbroadcastencryption 82 5.3 Switchingtobroadcastencryption 83 References 85 6 SecurityPoliciesandAccessControl 87 6.1 Objectives 87 6.1.1 Trustrelations 88 6.1.2 Securitylevels 88 6.1.3 Flexibility 89 6.1.4 Implementationconsiderations 89 6.2 Securitymanagerarchitecture 90 6.2.1 Overview 90 viii BluetoothSecurity 6.2.2 Devicetrustlevel 91 6.2.3 Securitylevelforservices 92 6.2.4 Connectionsetup 92 6.2.5 Databasecontentsandregistrationprocedure 95 Reference 96 7 Attacks,Strengths,andWeaknesses 97 7.1 Eavesdropping 97 7.2 Impersonation 105 7.3 Pairing 107 7.4 Improperkeystorage 109 7.4.1 Disclosureofkeys 110 7.4.2 Tamperingwithkeys 111 7.4.3 Denialofservice 111 7.5 Unitkey 112 7.6 Locationtracking 113 7.6.1 Bluetoothdeviceaddressandlocationtracking 113 7.6.2 Fivedifferenttypesoflocationtrackingattacks 115 7.7 Implementationflaws 116 References 117 PartII:BluetoothSecurityEnhancements 121 8 ProvidingAnonymity 123 8.1 Overviewoftheanonymitymode 123 8.2 Addressusage 124 8.2.1 Thefixeddeviceaddress,BD_ADDR_fixed 124 8.2.2 Theactivedeviceaddress,BD_ADDR 125 8.2.3 Aliasaddresses,BD_ADDR_alias 128 8.3 Modesofoperation 128 8.4 Inquiryandpaging 129 8.4.1 Connectablemode 129 8.4.2 Privateconnectablemode 130 Contents ix 8.4.3 Generalconnectablemode 131 8.5 Aliasauthentication 131 8.6 Pairing 133 8.7 AnonymitymodeLMPcommands 133 8.7.1 Addressupdate,LMP active address 134 8.7.2 Aliasaddressexchange,LMP alias address 134 8.7.3 Fixedaddressexchange, LMP fixed address 135 8.8 Pairingexample 136 References 138 9 KeyManagementExtensions 139 9.1 Improvedpairing 140 9.1.1 Requirementsonanimprovedpairingprotocol 140 9.1.2 Improvedpairingprotocol 141 9.1.3 Implementationaspectsandcomplexity 147 9.2 Higherlayerkeyexchange 149 9.2.1 IEEE802.1xport-basednetworkaccesscontrol 150 9.2.2 HigherlayerkeyexchangewithEAPTLS 152 9.3 Autonomoustrustdelegation 154 9.3.1 Securitygroupextensionmethod 154 9.3.2 Publickey–basedkeymanagement 160 9.3.3 Groupextensionmethodversuspublickeymethod 163 References 164 10 SecurityforBluetoothApplications 167 10.1 Headset 168 10.1.1 Headsetsecuritymodel 168 10.1.2 Pass-keyandkeymanagement 169 10.1.3 Example 171 10.2 Networkaccess 173 10.2.1 Commonaccesskeys 174 10.2.2 Securityarchitecture 175 10.2.3 Networkservicesubscription 175

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.