Академический Документы
Профессиональный Документы
Культура Документы
VIJAY SANDEEP
CSE (3/4), CSE (3/4)
GMRIT, GMRIT,
RAJAM. RAJAM.
Email id:rakesh_0517@yahoo.co.in svijaysandeep@gmail.com
ABSTRACT
As the technology becomes more sophisticated, the need for facile wireless
communication has led the human brain to renovate the orthodoxy bottlenecked
conventions being used. Computing will inevitably be indispensable and ubiquitous – a
scenario that has no place for wires. Bluetooth provides several irksome issues that have
plagued implementation of wireless technology handling both data and voice
transmissions, allowing such capabilities as a mobile hands-free head set for voice calls
and print-to-fax, laptop and cell phone address book applications. More than just a
replacement for Proprietory cables, Blue tooth wireless technology provides a Universal
bridge to existing data networks LAN’s, mobile phone network and the internet for a host
of home applications and portable hand-held interfaces.
Bluetooth enabled electronic devices connect and communicate wirelessly
via short-range, ad-hoc networks called ‘Piconets’. Each unit can simultaneously
communicate with up to seven other units in a piconet. These piconets are established
dynamically and automatically as blue tooth devices enter and leave the radio proximity.
To replace messy wires, make information transfer automatic without synchronization
cradles and introduced many applications Bluetooth excels at connecting devices
irrespective of their locations and can even talk through walls
This paper elucidates what is Blue tooth? And the concept behind the Blue
tooth and the Bluetooth architecture, network topology, and mainly presents about blue
tooth security architecture, flowcharts for authentication and authorisation, hacking
concepts ,advantages ,drawbacks and its applications. With potential like that it’s no
wonder that Bluetooth is set to become the fastest adopted technology in history.
INTRODUCTION
What is Bluetooth?
Bluetooth is the global defacto standard for wireless connectivity based on
low-cost, short-range radio link that resides on a micro chip. Bluetooth wireless
technology is a system solution comprising hardware, software and Interoperability
requirements. Bluetooth is a standard for a small, cheap radio chip to be plugged in to
computers, printers, mobile phones etc. Bluetooth wireless technology eliminates the
need for numerous, often Proprietary, cable attachments for connection of practically
any kind of communication device.
Concept behind Bluetooth:
The basic concept behind the Bluetooth is to provide a universal short
range wireless capability. It operates in free Industrial Scientific Medical(ISM) band from
2.400 GHz to 2.483GHz, available globally for unlicensed low-power uses. Two
Bluetooth devices within 10m of each other can share up to 720kbps of capability. It has
the transmission power of 1mW. Bluetooth is intended to support an open-ended list of
applications, including data, audio, graphics and even video. For e.g. Audio devices can
include headsets, cordless and standard phones, home stereos, and digital MP3 players.
Bluetooth can provide consumers with the ability to
Make calls from wireless headset connected remotely to a cell phone.
Eliminate cables linking computers to printers, keyboards, and the mouse.
Hook up MP3 players wirelessly to other machines to download music.
Set up home networks so that a couch potato can remotely monitor air
conditioning, the oven, and internet surfing.
Call home from a remote location to turn appliances on and off, set the alarm, and
Monitor activity
A device equipped with a Bluetooth radio establishes instant
connection to another Bluetooth radio as soon as it comes into range. Bluetooth device
supports both point-to-point and point-to-multipoint connections.
Architecture overview:
A block diagram of the Bluetooth protocol architecture is shown in Figure.
In the above architecture the security manager is the key component. The main functions
of security manager are:
Store security-related information on services.
• Store security-related information on devices.
• Answer access requests by protocol implementations or applications.
• Enforce authentication and/or encryption before connecting to the
application.
• Initiate pairing and query PIN entry by the user. PIN entry might also be
done by an application.
SECURITY LEVELS:
Authentication: It is the process of verifying ‘who’ is at the other end of the link. In BT
this is achieved by the authentication procedure based on the stored link key or by pairing
(entering a PIN).
Setting PIN codes:
After pairing the data transfer between these equipments is secure. The
instruction to set PIN codes is as follows: The simplest way is to run btsrv on Bluetooth
computers which prompt pairing .If we are not running btsrv command we can manually
set PIN codes by btctl command.
• Use btctl command to find out and list the BT devices around your computer.
• Add pin code btctl addpin<address_of_the_remote_peer><pin_code>
Authorization: It is the process of deciding a device to be allowed to have access for the
services provided by the master.
Device trust level:
Devices are distinguished based upon their trust levels:
• Trusted device: The device has been authenticated and a link key is
stored and it is marked as “Trusted” in the device database.
• Untrusted Device: The device has been authenticated and a link key is
stored but it is not marked as trusted.
• Unknown device: No security information is available for this device.
Security level of services:
The security level of a service is defined by three attributes:
• Authorization Required: Access is granted only to trusted or untrusted
devices after an authorization procedure. Authorization always requires
authentication.
• Authentication required: Before connecting to the application the
remote device must be authenticated.
• Encryption required: The link must be changed to encrypted mode
before access to the service is possible.
INFORMATION FLOW FOR ACCESS TO TRUSTED SERVICE:
The authentication cannot be performed when the ACL is established. The
authentication is performed when a connection request to a service is submitted.
The link manager connects request to L2CAP and this in turn requests access from the
security manager which then look up’s in service database and the device database. If
necessary security manager enforces authentication and encryption and then grants
access. After granting access L2CAP continues to setup the action.
FLOWCHARTFORAUTHORISATION PROCEDURE:
FLOWCHARTFORAUTHENTICATIONPROCEDURE:
HACKING CONCEPTS OF BLUETOOTH:
Bluejacking: This allows phone users to send business cards anonymously using BT
wireless technology which doesn’t remove or alternate any data from device. To carry
this bluejacking also the sending and the receiving devices must be within 10 meters of
one another. Phone owners who receive blue jack messages should refuse to add the
contacts to their address books. The person who does bluejacking is called as
bluejackers. The only way to not to be bluejacked is to disconnect Bluetooth.
Bluebugging: This allows skilled individuals to access the mobile phone commands
using Bluetooth wireless technology without notifying or alerting the phones user. This
vulnerability allows the hacker to initiate phone calls, send and receive text messages,
read and write phone book contacts, eavesdrop one phone conversations, and connect to
the internet.
Bluesnarfing: The information that can be accessed in this manner includes the phone
book, images, calendar and IMEI (International Mobile Equipment Identity). Only
specific folder BT enabled devices are susceptible to bluesnarfing.
General applications:
Data and voice access points: Bluetooth facilities real-time voice and data
transmissions by providing effortless wireless connection of portable and stationary
communications devices.
Cable replacement: Bluetooth eliminates the need for numerous, often
proprietary, cable attachments for connection of practically any kind of
communication device. Connections are instant and are maintained even when
devices are not within line of sight. The range of each radio is approximately 10m,
but can be extended to 100 m with an optional amplifier.
Ad hoc networking: A device equipped with a Bluetooth radio can establish instant
connection to another Bluetooth radio as soon as it comes into range.
Advantages:
A single handset can work as an intercom in the office, as a PSTN phone whenever
an access point to the PSTN is available, and as a mobile.
The Bluetooth link does not need the line-of-sight. So a mobile could connect to a
laptop even while it is in the briefcase and allow access to such facilities as e-mail.
Seamless connectivity between the user’s PDA, laptop, and mobile allows
applications to automatically update and synchronize schedules and other data when
modifications are made on one device.
Wireless headset allows users to access mobile and audio services even while the
device is in their pocket. Thus hands-free operation is possible.
Hands-free devices allow users to access their phones without letting their hands off
the steering wheel.
Drawbacks:
Conclusion:
References: