Bluetooth, Continued

1
Bluetooth, Continued

• Vision, Goals,
• Architecture (left to reader)

2
Vision

• Cable replacement
• Ad-hoc cable replacement
• Collaborating specialized devices with combined
  usability models
• Is this dis-integration?
• Computing device
• Communications device
• Audio/video interface device . . .

3
Goals

• New Usage Models
• System Challenges
• The Specification

4
New Usage Models

• Three-in-one phone
• Intercom at home
• Portable (cordless) phone
• Mobile (cellular) phone
• Extensions now possible
• Wireless VoIP phone
• Phone gateways
• Cellular to cordless bridge

5
New Usage Models

• The briefcase trick
• Notebook receives email, beeps phone
• Browse messages on phone, read some
• Design options (Notebook, Phone, Server)

P
N
P
S
S
P
N
S
N
6
New Usage Models

• The automatic synchronizer
• Desktop, notebook, PDA, phone
• Address books, calendars, email . . .
• Design options
• Thick client batch synch
• Thin client real-time connection
• Combinations (ala IMAP?)

7
System Challenges

• Data and voice (video not envisioned)
• Ad-hoc/dynamic detection/connection (unconscious
  computing)
• Withstand interference in unlicensed bands
• Worldwide use
• Protection (security) similar to cable
• Small size
• Negligible power consumption
• Encourage ubiquitous deployment (royalty free)

8
Selected Topics . . .
9
Authentication

• Basics
• Device addresses (48-bit) are exchanged in
  discovery
• Device names (user-friendly) up to 248 chars
• Passkeys (1 to 16 octets) are entered or stored
  on devices
• Device modes
• Discoverable (will respond to inquiry) non,
  limited, or general
• Connectable (will respond to page) non or
  responds to pages
• Paired link key has been exchanged

10
Selected Security Issues

• Three Bluetooth security modes
• Mode 1 non-secure
• Mode 2 service-level
• Mode 3 link-level
• As usual, implementation problems exist
• Vendors dont properly implement standards
• Available security isnt always used
• Range can be more than users expect
• Information is unnecessarily stored on devices
• Even non-discoverable devices reveal some
  information

11
Some Security Definitions

• LMP-Authentication challenge-response using a
  random number, secret key, and device address
  (LMPLink Manager Protocol)
• LMP-Pairing creation/exchange of a link key
• Bonding pairing and storage of link key
• Trusting allowing future pairing
• Authorization granting of a specific service

12
Interesting Bluetooth Resources

• http//www.bluez.org/ (Linux Bluetooth stack)
• http//www.atstake.com/research/reports/acrobat/at
  stake_war_nibbling.pdf (security overview showing
  tool use)
• http//bluesniff.shmoo.com/ (war driving tool)
• http//www.tomsnetworking.com/Sections-article106-
  page1.php (everyones latest favorite bluesniping
  article)
• http//csrc.nist.gov/publications/nistpubs/800-48/
  NIST_SP_800-48.pdf (119-page NIST article
  --includes security checklists)
• http//www.bluetooth.com/upload/24Security_Paper.P
  DF (Bluetooth SIG security white paper)

13
Demos