Revisiting Bluetooth Security (Short Paper)

Das, Manik Lal; Mukkamala, Ravi

doi:10.1007/978-3-540-89862-7_10

Revisiting Bluetooth Security (Short Paper)

Manik Lal Das³ &
Ravi Mukkamala⁴

Conference paper

1849 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5352))

Abstract

Bluetooth technology is gaining increasing interest in the research community because of the convenience of exchanging information between wireless devices. As the communication medium is wireless, security is an important concern in this emerging technology. This paper discusses the basic security of Bluetooth technology, some of its shortcomings and presents two new proposals for securing Bluetooth technology. One of the proposals is based on passkey-authenticated key exchange, where security relies on keyed hash function, and the other one is on amplified passkey-authenticated key exchange, where security relies on elliptic curve discrete logarithms problem. The latter provides some additional security services, but with added cost compared to the former one. Both protocols provide mutual authentication, resist known and possible threats, and achieve efficiency compared to other protocols.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bluetooth Special Interest Group. Bluetooth Baseband Specification. Specifications of the Bluetooth System, 1.1 (2001)
Google Scholar
IEEE P802.15 Working Group for WPANs, Cluster Tree Network (2001)
Google Scholar
Bluetooth Special Interest Group. Bluetooth Core Specification plus Enhanced Data Rate. Specification of the Bluetooth System, 2.1 (2007)
Google Scholar
Bluetooth Special Interest Group. Bluetooth Security WhitePaper, 1.0 (2002)
Google Scholar
Bluetooth Special Interest Group. Bluetooth Security Specification. Specification of the Bluetooth System, 1.2 (2003)
Google Scholar
Bellovin, S.M., Meritt, M.: Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks. In: Proc. of the IEEE Symposium on Research in Security and Privacy, pp. 72–74 (1992)
Google Scholar
Bellovin, S.M., Meritt, M.: Augmented Encrypted Key Exchange: a Password-Based Protocol Secure Against Dictionary Attacks and Password File Compromise. In: Proc. of the ACM Conference on Computer and Communications Security, pp. 244–250 (1993)
Google Scholar
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)
Article MathSciNet MATH Google Scholar
Jablon, D.: Strong Password-Only Authenticated Key Exchange. Computer Communication Review 26(5), 5–26 (1996)
Article Google Scholar
Kwon, T.: Authentication and key agreement via memorable password. Contribution to the IEEE P1363 study group for Future PKC Standards (2000)
Google Scholar
MacKenzie, P.: The PAK suite: Protocols for Password-Authenticated Key Exchange. DIMACS Technical Report 2002-46 (2002)
Google Scholar
Shaked, Y., Wool, A.: Cracking the Bluetooth PIN. In: Proc. of the International Conference on Mobile systems, applications, and services, pp. 39–50. ACM Press, New York (2005)
Google Scholar
Wong, F.L., Stajano, F., Clulow, J.: Repairing the Bluetooth pairing protocol. In: Proc. of the International Conference on Security Protocols. LNCS. Springer, Heidelberg (2005)
Google Scholar
Jakobsson, M., Wetzel, S.: Security Weaknesses in Bluetooth. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020. Springer, Heidelberg (2001)
Google Scholar
V. Kostakos. The privacy implications of Bluetooth. ArXiv (2008) (Retrived on May 15, 2008), http://arxiv.org/pdf/0804.3752
Juels, A.: RIFD Security and privacy: a research survey. IEEE Journal On Selected Areas In Communications 24(2), 381–394 (2006)
Article MathSciNet Google Scholar
Frankel, S., Kelly, S.: The HMAC-SHA-256-128 Algorithm and Its Use With IPsec. draft-ietf-ipsec-ciph-sha-256-01.txt (2002)
Google Scholar
Koblitz, N.: Elliptic curve cryptosystems. Mathematics of Computation 48, 203–209 (1987)
Article MathSciNet MATH Google Scholar
Massey, J., Khachatrian, G., Kuregian, M.: Nomination of SAFER+ as Candidate Algorithm for the Advanced Encryption Standard. In: Proc. of the AES Candidate Conference (1998)
Google Scholar
Bluetooth Special Interest Group. Simple Pairing Whitepaper. Core Specification Working Group, V10r00 (2006)
Google Scholar

Download references

Author information

Authors and Affiliations

Dhirubhai Ambani Institute of Information and Communication Technology, Gandhinagar, 382007, India
Manik Lal Das
Department of Computer Science, Old Dominion University, Norfolk, VA 23529, USA
Ravi Mukkamala

Authors

Manik Lal Das
View author publications
You can also search for this author in PubMed Google Scholar
Ravi Mukkamala
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Computer Science, Stony Brook University, NY 11794-4400, Stony Brook, USA
R. Sekar
Department of Computer and Information Sciences, University of Hyderabad, 500 046, Hyderabad, India
Arun K. Pujari

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Das, M.L., Mukkamala, R. (2008). Revisiting Bluetooth Security (Short Paper). In: Sekar, R., Pujari, A.K. (eds) Information Systems Security. ICISS 2008. Lecture Notes in Computer Science, vol 5352. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89862-7_10

Download citation

DOI: https://doi.org/10.1007/978-3-540-89862-7_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89861-0
Online ISBN: 978-3-540-89862-7
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics