Security weaknesses in bluetooth

Markus Jakobsson, Susanne Wetzel

Research output: Contribution to journal › Article › peer-review

161 Scopus citations

Abstract

We point to three types of potential vulnerabilities in the Bluetooth standard, version 1.0B. The first vulnerability opens up the system to an attack in which an adversary under certain circumstances is able to determine the key exchanged by two victim devices, making eavesdropping and impersonation possible. This can be done either by exhaustively searching all possible PINs (but without interacting with the victim devices), or by mounting a so-called middle-person attack. We show that one part of the key exchange protocol (an exponential back-off method employed in case of incorrect PIN usage) adds no security, but in fact benefits an attacker. The second vulnerability makes possible an attack, which we call a location attack, in which an attacker is able to identify and determine the geographic location of victim devices. This, in turn, can be used for industrial espionage, blackmail, and other undesirable activities. The third vulnerability concerns the cipher. We show two attacks on the cipher, and one attack on the use of the cipher. The former two do not pose any practical threat, but the latter is serious. We conclude by exhibiting a range of methods that can be employed to strengthen the protocol and prevent the newly discovered attacks. Our suggested alterations are simple, and we expect that they can be implemented without major modifications.

Original language: English
Pages (from-to): 176-191
Number of pages: 16
Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 2020
State: Published - 2001
