WirelessGalaxy
Call us Toll free 1.800.569.8486
Cell Phone Accessories Cell Phones Bluetooth Data Connectivity Cell Phone Batteries
iPOD Accessories Video Game Accessories Flash Memory Network Cards Unlock Antennas & Amplifiers
Two Way Radios GPS Headsets PDA Accessories T -Mobile Plans Sprint Plans Ring tones
SEARCH
View Shopping Cart View Shopping Cart
  Home > Research Center > Bluetooth >Bluetooth Security Issues
Categories
  • Bluetooth
  • Cell Phones
  • iPOD Accessories
  • Video Game Accessories
  • Flash Memory
  • Network Cards
  • Antennas and Amplifiers
  • 2 Way Radios
  • GPS
  • Headsets
  • Smart Phones and PDAs
  • Cell Phone Batteries
  • iPods
  • Latest / Concept / Upcoming products
    •  
    Bluetooth
     Bluetooth Security Issues
    Posted By: Deb Shinder Posted On: Wednesday, August 22, 2007
     

    Bluetooth can operate in one of three security models:

    • Mode 1 is non security.
    • Mode 2 provides security at the service level, after the channel is established.
    • Mode 3 provides security at the link level, before the channel is established.

    Each Bluetooth device has a unique 48-bit device address. The authentication scheme is challenge-response, using symmetric keys, and encryption is done with a key that can be up to 128 bits (negotiated by the communicating devices, with each device having a maximum key length defined). A 128 bit random link key handles security transactions between two or more devices.

    When two Bluetooth devices establish a communications channel, they both create an initialization key. A passkey or Personal Identification Number is input and the inititalization key is created, and the link key is calculated using it. Then the link key is used for authentication.

    The first security concern is the passkey or PIN. As with any key, long keys are more secure than short ones. If a hacker is able to discover the passkey, he can calculate possible initiation keys, and then from that, calculate the link key. Making the passkey long will make it much harder to accomplish the first step.

    The initial key exchange takes place over an unencrypted link, so it is especially vulnerable. It’s best if this part of the BT device pairing process takes place in a more physically secure location (that is, where there are not likely to be any lurkers with BT devices who could intercept the communications). A hacker could record transmissions sent over the BT frequency and use them to recreate the PIN.

    Rather than using the same fixed passkey all the time, it should be changed frequently (how frequently depends on the types of devices and the required security level).

    Link keys can be combination keys or unit keys. Best security practice is to use combination keys instead of unit keys. When you use a unit key, you must use the same key for all secure transactions, and the key has to be shared with other trusted devices. This means any trusted device can potentially access traffic with other trusted devices using this key.

    It’s possible to use the Bluetooth address to identify a particular device (and associated user) and log those transactions, which can create privacy concerns.

       
    More Bluetooth Articles
     Using Bluetooth With Your Pocket PC
     Wireless USB Vs. Bluetooth
     Make Your Car Wireless
     Ten Reasons You Should Use Bluetooth
     The Bluetooth Adapter: What Can it Do?
     Do You Need Bluetooth?
     Bluetooth Can Be Cracked!
     Bluetooth in the Home Office
     How To Make Your Driving Safer With Bluetooth
     Car Entertainment Systems Just Got Better
     How To Install Bluetooth Mobile Phone On Pc
     Adding Wireless Keyboards and Mice
     Connecting to a Bluetooth Device from Windows
     Retrofitting Your Car With a Bluetooth
     Brushing Up on Bluetooth
     Using Bluetooth with a Mac
     Nokia releases S60 SDK Bluetooth Driver
     What is Bluejacking
     Why Does Bluetooth Security Matter
     What is Bluebugging
     What is Bluesnarfing
     Bluetooth And Infared
     10 Benefits Of Bluetooth
     Control of link connections
     Connection protocol
     Bluetooth technology
     Overview of Bluetooth characteristics
     Hotsyncing Your Treo 650 With Bluetooth
     Who Owns Bluetooth
     Difference Between Bluetooth and Wi-Fi
     How to bluetooth enable your remote controlled car
     Sony Ericsson MBW-100 Bluetooth Watch
     Bluetooth FAQ
     Why use Bluetooth?
     IOGEAR GBE201 Bluetooth Wireless Headset
     Belkin Bluetooth Hands-Free Headset
     What is bluetooth
     Sony Ericsson ROB-1: Bluetooth Camera Robot
     Best Bluetooth Headsets of 2006
     
     
    Can't find what you are looking for? Email us your inquiry at inquiry@wirelessgalaxy.com
     
    		Quick Links
      Help/FAQ
    Security & Privacy
    Order Online
    Order By Mail/Fax
    USA Shipping Methods Global Shipping
    Customer Testimonials
    User Manuals
    Why WirelessGalaxy?
    Suggested Websites
    Resources
    Affiliate Program
    		Contact Us
      Press Releases
    Contact Customer Service
    Contact Sales
    About Us
    Ask Us any Question
    Job Openings
    Site - Map
    Advertisements
    Vendor Registration
    		Returns/Exchange
      After Sale Customer Support
    Return Policy

    		Guru Mail
      Subscribe to guru mail
     


    		Back To Top
    WirelessGalaxy Houston 7100 Harwin Drive. Houston, Texas 77036 USA
    Tel : (713) 782-1716 Fax : (713) 782-2763 Toll Free (800) 569-8486 USA & Canada Mon - Fri 8AM-8PM CST
    All Rights Reserved. Copyright(C) 1999-2007 WirelessGalaxy Houston & respective entities. - Terms of Use
    Wirelessgalaxy.com is owned by Wirelessgalaxy Houston