This essay has been submitted by a student.
One recently reported misuse of Bluetooth is bluejacking. In simple terms, bluejacking is the art of anonymously sending messages to users of other Bluetooth devices who have switched on the technology and made their handset "visible" to potential bluejackers. Viruses such as trojans can also be sent, which will corrupt data and take complete control of the device (spoofing), thus enabling the bluejacker to actually dial from it. Bluetooth security is still a major issue of concern. Some of the measures which can be adopted include encryption, personalized firewalls, etc. The paper presented here deals with some of the major security problems of Bluetooth and their solutions.
KEY WORDS: Frequency hopping, spoofing, eavesdropping, piconet, encryption.
Bluetooth is a technology that enables communication between two compatible devices through short-range two-way radio. Bluetooth is commonly used for connecting devices such as PDAs, cell phones, keyboards, mice and computers. Bluetooth works at up to 30 feet (10 metres) and is capable of transferring data at up to 1 Mbit/sec. Bluetooth radio uses a fast acknowledgement and frequency-hopping scheme to make the link robust, even in noisy radio environments. Bluetooth devices do not need to be in direct sight of each other. Fundamentally, Bluetooth operates within the Industrial, Scientific and Medical (ISM) band at 2.4 GHz. Bluetooth is designed to be light and portable. It can be embedded to take the rigours of physical knocks and shocks. It includes standards and protocols to make it mobile, robust, reliable.
Who started Bluetooth?
Ericsson Mobile Communication was the pioneer in this field; it was later joined by many others, e.g. Nokia, IBM, etc.
The name Bluetooth traces its origin to the legend of Harald Bluetooth (king of Denmark, 10th century), who united Denmark and part of Norway into a single kingdom. The Bluetooth brand is now recognised worldwide on products with short-range wireless communication capabilities. The brand is a label that is not a single company's technology but is shared by many members of the Bluetooth SIG (Special Interest Group).
Frequency hopping is literally jumping from frequency to frequency within the ISM band. After a Bluetooth device sends or receives a packet, it and the Bluetooth device or devices it is communicating with "hop" to another frequency before the next packet is sent. This scheme has three advantages:
It allows Bluetooth devices to use the entirety of the available ISM band, while never transmitting from a fixed frequency for more than a very short time. This ensures that Bluetooth conforms to the ISM restrictions on transmission quantity per frequency.
It ensures that any interference will be short-lived. Any packet that doesn't arrive safely at its destination can be resent at the next frequency.
It provides a base level of security because it's very difficult for an eavesdropping device to predict which frequency the Bluetooth devices will use next.
Master and Slave Operation.
Bluetooth devices exist in small ad-hoc network configurations with the ability to operate as either master or slave; the specification also allows a mechanism for master and slave to switch their roles. The configurations can be single point, which is the simplest configuration with one master and one slave; multipoint, called a Piconet, based on up to 7 slaves clustered around a single master; and a third type called a Scatternet, which is a group of Piconets effectively hubbed via a single Bluetooth device acting as a master in one Piconet and a slave in the other Piconet. The Scatternet permits either larger coverage areas or a larger number of devices than a single Piconet can offer. The role of the master is to control the available bandwidth between the slaves: it calculates and allocates how often to communicate with each slave and locks them into the appropriate frequency hopping sequence. The specification describes an algorithm that calculates the hop sequence, the seed being based on the master's device address and clock. In addition to hop sequence control, the master is responsible for transmit control by dividing the network into a series of time slots amongst the net members, as part of a Time Division Multiplexing (TDM) scheme. The time slot is defined as 625 µs and all packet traffic is allocated 1, 3 or 5 slots, grouped together in transmit and receive pairs.
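The frequency hopping and 625 µs slot timing described above, as an added Python sketch that is not part of the original essay. The hash-based hop_channel function is a stand-in for the specification's selection algorithm, and the 79-channel count, the address bytes and the clock values are assumptions or constructed sample values. It shows that a listener parked on one frequency hears only a small fraction of slots, while any receiver holding the same address and clock follows every hop, so hopping complements encryption rather than replacing it.

```python
import hashlib

CHANNELS = 79      # assumption: number of 1 MHz hop channels in the 2.4 GHz ISM band
SLOT_US = 625      # slot length given in the text
HOPS_PER_SECOND = 1_000_000 // SLOT_US   # one hop per slot

def hop_channel(master_addr: bytes, clock: int) -> int:
    """Stand-in hop selection (NOT the specification's algorithm):
    maps the master's address and slot clock to a channel index."""
    digest = hashlib.sha256(master_addr + clock.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big") % CHANNELS

def hop_sequence(master_addr: bytes, start_clock: int, slots: int) -> list:
    """Channel used in each consecutive slot, starting at start_clock."""
    return [hop_channel(master_addr, start_clock + i) for i in range(slots)]

def heard_on_fixed_channel(seq: list, channel: int) -> float:
    """Fraction of slots a receiver tuned to one channel would observe."""
    return sum(1 for c in seq if c == channel) / len(seq)

def followed_with_seed(seq: list, addr: bytes, start_clock: int) -> float:
    """Fraction of slots followed by a receiver that derives its own
    sequence from the given address and clock."""
    mine = hop_sequence(addr, start_clock, len(seq))
    return sum(a == b for a, b in zip(seq, mine)) / len(seq)

MASTER = bytes.fromhex("001122334455")    # constructed 48-bit address
FIVE_SECONDS = 5 * HOPS_PER_SECOND        # number of slots in five seconds
piconet = hop_sequence(MASTER, 1000, FIVE_SECONDS)

if __name__ == "__main__":
    print("hops per second:", HOPS_PER_SECOND)
    print("synchronised slave follows:", followed_with_seed(piconet, MASTER, 1000))
    print("wrong clock follows:", followed_with_seed(piconet, MASTER, 1001))
    print("fixed channel 40 hears:", heard_on_fixed_channel(piconet, 40))
```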
People with Bluetooth-enabled mobile phones can send messages anonymously to those with similar phones nearby, creating a new craze. Since Bluetooth-enabled phones, PDAs and laptops can search for other devices within their short range, bluejackers in crowded transport hubs, pubs or any other public place can easily send messages without being detected. Bluetooth-enabled mobiles are being used to send text messages to strangers anonymously. This drive-by messaging has been dubbed 'bluejacking'. Viruses such as trojans can also be sent, which will corrupt data and take complete control of the device, thus enabling the bluejacker to actually dial from it. Bluetooth devices generate a secure connection by means of the initial pairing process. During this process one or both devices need a PIN code to be entered, which is used by internal algorithms to generate a secure key, which is then used to authenticate the devices whenever they connect in the future. There is, however, a particular process that could potentially "guess" the security settings on a pair of Bluetooth devices. To do this the attacking device would need to listen in to the initial one-time pairing process. From this point it can use an algorithm to guess the security key and masquerade as the other Bluetooth device.
In this section, we look into Bluetooth's security measures in more detail. In every Bluetooth device, there are four entities used for maintaining security at the link level: the Bluetooth device address (BD_ADDR), which is a 48-bit address that is unique for each Bluetooth device and defined by the Institute of Electrical and Electronics Engineers (IEEE); the private authentication key, which is a 128-bit random number used for authentication purposes; the private encryption key, 8-128 bits in length, which is used for encryption; and a random number (RAND), which is a frequently changing 128-bit random or pseudo-random number that is made by the Bluetooth device itself. In the Bluetooth Generic Access Profile, Bluetooth security is divided into three modes:
Security Mode 1: non-secure
Security Mode 2: service level enforced security
Security Mode 3: link level enforced security
The difference between Security Mode 2 and Security Mode 3 is that in Security Mode 3 the Bluetooth device initiates security procedures before the channel is established. There are also different security levels for devices and services. For devices, there are 2 levels, "trusted device" and "untrusted device". The trusted device obviously has unrestricted access to all services. For services, 3 security levels are defined: services that require authorization and authentication, services that require authentication only and services that are open to all devices.
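The three security modes and the device and service levels above, modelled as an access decision in an added Python sketch that is not part of the original essay or of any Bluetooth stack. The class names, the knows_link_key flag and the user_approves prompt are hypothetical, and it assumes that a device's "trusted" status is honoured only after authentication succeeds, since an address alone can be masqueraded.

```python
from dataclasses import dataclass
from enum import Enum

class Mode(Enum):
    NON_SECURE = 1       # Security Mode 1
    SERVICE_LEVEL = 2    # Security Mode 2
    LINK_LEVEL = 3       # Security Mode 3

class Service(Enum):
    AUTHZ_AND_AUTHN = "authorization and authentication"
    AUTHN_ONLY = "authentication only"
    OPEN = "open to all devices"

@dataclass
class Peer:
    bd_addr: str
    trusted: bool              # device level: trusted or untrusted
    knows_link_key: bool       # hypothetical flag: peer would pass authentication
    authenticated: bool = False

def establish_link(mode: Mode, peer: Peer) -> bool:
    """Mode 3 runs security procedures before the channel is established."""
    if mode is Mode.LINK_LEVEL:
        peer.authenticated = peer.knows_link_key
        return peer.authenticated
    return True                # Modes 1 and 2 bring the link up unchecked

def request_service(mode: Mode, peer: Peer, service: Service,
                    user_approves: bool = False) -> str:
    if mode is Mode.NON_SECURE or service is Service.OPEN:
        return "allow"         # Mode 1 never initiates security
    if not peer.authenticated: # Mode 2 authenticates on demand, per service
        peer.authenticated = peer.knows_link_key
    if not peer.authenticated:
        return "deny: authentication failed"
    if service is Service.AUTHN_ONLY or peer.trusted:
        return "allow"         # trusted devices need no authorization prompt
    return "allow" if user_approves else "deny: authorization required"

def connect(mode: Mode, peer: Peer, service: Service,
            user_approves: bool = False) -> str:
    if not establish_link(mode, peer):
        return "reject: link refused before channel setup"
    return request_service(mode, peer, service, user_approves)
```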