Skip to main content
Springer Nature Link
Log in

Improved Pairing Protocol for Bluetooth

  • Conference paper
Ad-Hoc, Mobile, and Wireless Networks (ADHOC-NOW 2006)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 4104))

Included in the following conference series:

  • 916 Accesses

Abstract

The Bluetooth wireless technology realizes a low-cost short-range wireless voice- and data-connection through radio propagation. Bluetooth also has a security architecture. In this paper, we focus on the key agreement protocol, which is the most critical part of this security architecture. Several security flaws have been identified within the Bluetooth protocols: an attacker can track users by monitoring the Bluetooth hardware address, all keys depend on a low-entropy shared secret (the PIN), there are some very easy to perform Denial of Service attacks. We propose a new initialization mechanism for the key agreement protocol of Bluetooth. This improved pairing protocol can be easily extended so that it will not only solve the dependency of the keys on the PIN, but also the location privacy problem and an important Denial of Service attack. Our solution is user friendly and energy-efficient, two essential features for Wireless Personal Area Networks (WPAN).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Bluetooth Special Interest Group, http://www.bluetooth.com/

  2. IEEE 802.15, the Wireless Personal Area Network Working Group, http://www.ieee802.org/15/

  3. Haartsen, J., Naghshineh, M., Inouye, J., Joeressen, O., Allen, W.: Bluetooth: Visions, Goals and Architecture. In: ACM Mobile Computing and Communications Review, pp. 38–45 (1998)

    Google Scholar 

  4. Bluetooth Specification, https://www.bluetooth.org/spec/

  5. Lamm, G., Falauto, G., Estrada, J., Gadiyaram, J.: Security Attacks against Bluetooth Wireless Networks. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, U.S. Military Academy, West Point, NY, pp. 265–272 (June 2001)

    Google Scholar 

  6. Singelée, D., Preneel, B.: Security Overview of Bluetooth. COSIC Internal Report (2004)

    Google Scholar 

  7. Jakobsson, M., Wetzel, S.: Security Weaknesses in Bluetooth. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, p. 176. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  8. DEF CON. Computer Underground Hackers Convention, http://www.defcon.org

  9. Cheung, H.: The Bluesniper Rifle, 2004. http://www.tomsnetworking. com/Sections-article106.php .

  10. Shaked, Y., Wool, A.: Cracking the Bluetooth PIN. In: Proceedings of the 3rd International Conference on Mobile Systems, Applications, and Services (MobiSys 2005), pp. 39–50. ACM, New York (2005)

    Chapter  Google Scholar 

  11. Hodjat, A., Verbauwhede, I.: The Energy Cost of Secrets in Ad–Hoc Networks. In: Proceedings of the IEEE Workshop on Wireless Communications and Networking (CAS 2002) (2002)

    Google Scholar 

  12. Candolin, C.: Security Issues for Wearable Computing and Bluetooth Technology (2000), http://www.tml.hut.fi/~candolin/Publications/BT/

  13. De Cannière, C., Johansson, T., Preneel, B.: Cryptanalysis of the Bluetooth Stream Cipher. In: COSIC Internal Report (2001)

    Google Scholar 

  14. Courtois, N., Meier, W.: Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 345–359. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. Fluhrer, S.R., Lucks, S.: Analysis of the E0 Encryption System. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 38–48. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  16. Golić, J.D., Bagini, V., Morgari, G.: Linear Cryptanalysis of Bluetooth Stream Cipher. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 238–255. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  17. Hermelin, M., Nyberg, K.: Correlation Properties of the Bluetooth Combiner Generator. In: Song, J.S. (ed.) ICISC 1999. LNCS, vol. 1787, pp. 17–29. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  18. Armknecht, F., Lano, J., Preneel, B.: Extending the Resynchronization Attack. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 19–38. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  19. Lu, Y., Meier, W., Vaudenay, S.: The Conditional Correlation Attack: A Practical Attack on Bluetooth Encryption. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 97–117. Springer, Heidelberg (2005)

    Google Scholar 

  20. Hoepman, J.-H.: The Ephemeral Pairing Problem. In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 212–226. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  21. Hoepman, J.H.: Ephemeral Pairing on Anonymous Networks. In: Hutter, D., Ullmann, M. (eds.) SPC 2005. LNCS, vol. 3450, pp. 101–116. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  22. Menezes, A.J.: Elliptic Curve Public Key Cryptosystems. Springer, Heidelberg (1993)

    MATH  Google Scholar 

  23. Gehrmann, C., Nyberg, K.: Security in Personal Area Networks. In: Security for Mobility, pp. 191–230. IEEE, Los Alamitos (2004)

    Google Scholar 

  24. Gehrmann, C., Mitchell, C., Nyberg, K.: Manual Authentication for Wireless Devices. RSA Cryptobytes 7(1), 29–37 (2004)

    Google Scholar 

  25. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

  26. New European Schemes for Signatures, Integrity, and Encryption, http://www.cryptonessie.org

  27. Potlapally, N., Ravi, S., Raghunathan, A., Jha, N.: Analyzing the Energy Consumption of Security Protocols. In: Proceedings of the 2003 International Symposium on Low Power Electronics and Design (ISLPED 2003), pp. 30–35. ACM, New York (2003)

    Chapter  Google Scholar 

  28. Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory, 644–654 (1976)

    Google Scholar 

  29. National Security Agency. The Case for Elliptic Curve Cryptography, http://www.nsa.gov/ia/industry/crypto_elliptic_curve.cfm

  30. Balfanz, D., Smetters, D., Stewart, P., Wong, H.: Talking to Strangers: Authentication in Adhoc Wireless Networks. In: Proceedings of the Network and Distributed System Security Symposium (NDSS 2002), The Internet Society (2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ESAT-COSIC, K.U. Leuven, Belgium

    Dave Singelée & Bart Preneel

Authors
  1. Dave Singelée
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bart Preneel
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Carleton University, Ottawa, Ontario, Canada

    Thomas Kunz

  2. Computer Science Dept., S.U.N.Y. at Albany, 12222, Albany, NY, U.S.A.

    S. S. Ravi

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Singelée, D., Preneel, B. (2006). Improved Pairing Protocol for Bluetooth. In: Kunz, T., Ravi, S.S. (eds) Ad-Hoc, Mobile, and Wireless Networks. ADHOC-NOW 2006. Lecture Notes in Computer Science, vol 4104. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11814764_21

Download citation

  • DOI: https://doi.org/10.1007/11814764_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-37246-2

  • Online ISBN: 978-3-540-37248-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation