comp.org.uk


Security in Bluetooth Networks

Bluetooth is a wireless protocol that facilitates communication among low-power fixed and mobile devices over a short range, in what are called Personal Area Networks (PANs). While WLAN aims to replace wired LANs, Bluetooth technology focuses on small wireless networks such as PANs, which are meant to cover only the gadgets around a person's body. As a result of these different goals, different security architecture approaches have been considered.

Security Tradeoffs

To make Bluetooth networks easy to use and to allow them to operate on low-cost, low-power devices, many security sacrifices or tradeoffs have been made. For instance, a Bluetooth device broadcasts all the services it provides, to ease communication and setup between it and other nearby devices. For these reasons Bluetooth is better suited as an ad-hoc network.

Piconets

Bluetooth networks are formed using piconets. Each piconet allows up to eight devices to connect to it. Communication among nodes inside a piconet is organized in a master-slave manner: there is one master and from one to seven active slaves.

This structure does not limit the scalability of Bluetooth networks, since a Bluetooth device is allowed to connect to more than one piconet by dividing its time between them, and a node may act as a slave in one piconet and as a master in another at the same time.

Security in Bluetooth networks is affected by the fact that most Bluetooth devices are within close range of each other. Also, most Bluetooth devices are not expected to have sophisticated security capabilities, if any at all. This variation among Bluetooth devices led the designers to introduce a security manager, which takes a device's capabilities and services into consideration before establishing a secure connection.

Bluetooth General Access Profile

Bluetooth General Access Profile (GAP) defines three modes of connection, chosen with the help of the security manager:

  1. Mode 1: None. Communication is not restricted in any way.
  2. Mode 2: Application Layer Security. Guarantees the connection's security after connection establishment, and operates using application-layer functionality.
  3. Mode 3: Link Layer Security. Security is enforced prior to the connection establishment phase, using level 2 (link layer) functionality.

Other security levels are used in Bluetooth to classify physical layers as reliable or unreliable, and devices as trusted or untrusted. Although Bluetooth security is considered mature and offers many sophisticated methods to secure exchanged data, including methods similar to the previously discussed WLAN security methods, it is still prone to many of the same security threats.
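
A simplified model of the security manager's decision under the three modes above, written as an added example (it is not code from the original article or from any Bluetooth stack). The Device capability fields, the per-service requirement flags and the user_approves parameter are assumptions of this model; it shows where each mode takes its decision and how the trusted/untrusted flag enters it.

```python
from dataclasses import dataclass
from enum import Enum

class Mode(Enum):
    NONE = 1         # Mode 1: communication is not restricted
    APPLICATION = 2  # Mode 2: enforced after connection establishment
    LINK = 3         # Mode 3: enforced before connection establishment

@dataclass(frozen=True)
class Device:        # capability fields are assumptions of this model
    name: str
    trusted: bool
    can_authenticate: bool
    can_encrypt: bool

@dataclass(frozen=True)
class Service:       # per-service requirements are assumptions of this model
    name: str
    needs_authentication: bool = False
    needs_authorization: bool = False
    needs_encryption: bool = False

def decide(mode, dev, svc, user_approves=False):
    """Return (allowed, phase, reason); phase is where the decision was taken."""
    if mode is Mode.NONE:
        return (True, "none", "no security enforced")
    if mode is Mode.LINK:
        # Checked for every peer before the link exists, whatever service it wants.
        if not (dev.can_authenticate and dev.can_encrypt):
            return (False, "link", "peer lacks link-layer security")
        return (True, "link", "link authenticated and encrypted")
    # Mode 2: the link is already up; check against the requested service.
    if svc.needs_authentication and not dev.can_authenticate:
        return (False, "service", "authentication required")
    if svc.needs_encryption and not dev.can_encrypt:
        return (False, "service", "encryption required")
    if svc.needs_authorization and not (dev.trusted or user_approves):
        return (False, "service", "untrusted device needs user approval")
    return (True, "service", "requirements of %s met" % svc.name)

# Constructed sample devices and services (not from the original page).
SENSOR = Device("legacy-sensor", trusted=False, can_authenticate=False, can_encrypt=False)
PHONE = Device("phone", trusted=False, can_authenticate=True, can_encrypt=True)
OPEN = Service("business-card-exchange")
FILES = Service("file-transfer", True, True, True)

if __name__ == "__main__":
    for mode in Mode:
        for dev in (SENSOR, PHONE):
            for svc in (OPEN, FILES):
                print(mode.name, dev.name, svc.name, decide(mode, dev, svc))
```

In this model a device with no security capabilities is refused outright under Mode 3, while under Mode 2 it can still reach a service that asks for nothing and is refused only for the protected one.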

Bluetooth DoS Attacks

Bluetooth is no exception in its vulnerability to DoS attacks, and because of its limited power the consequences of such an attack are even more severe: a DoS attack drains the battery and leaves the device unusable. Bluetooth is also open to attacks that expose a device's confidential data or steal its identity, owing to weaknesses in the key generation process and its handshaking mechanism, mainly because of the use of a PIN code in these processes.


Published on Sun 12 April 2015 by Dan Little in Security with tag(s): bluetooth