Correlation Properties of the Bluetooth Combiner Generator
ICISC '99 Proceedings of the Second International Conference on Information Security and Cryptology
Cryptanalysis of alleged A5 stream cipher
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Hardware Implementation of Bluetooth Security
IEEE Pervasive Computing
Hardware Security Concept for Spontaneous Network Integration of Mobile Devices
IICS '01 Proceedings of the International Workshop on Innovative Internet Computing Systems
Analysis of the E0 Encryption System
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
Linear Cryptanalysis of Bluetooth Stream Cipher
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Group Diffie-Hellman Key Exchange Secure against Dictionary Attacks
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Security of a Mobile Transaction: A Trust Model
Electronic Commerce Research
Peer-to-Peer Security in Mobile Devices: A User Perspective
P2P '04 Proceedings of the Fourth International Conference on Peer-to-Peer Computing
TinySec: a link layer security architecture for wireless sensor networks
SenSys '04 Proceedings of the 2nd international conference on Embedded networked sensor systems
Theoretical Computer Science - Special issue: Foundations of wide area network computing
Proceedings of the 3rd international conference on Mobile systems, applications, and services
Integrity regions: authentication through presence in wireless networks
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
Location privacy in wireless personal area networks
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
Mobile Local Macropayments: Security and Prototyping
IEEE Pervasive Computing
A preliminary investigation of worm infections in a bluetooth environment
Proceedings of the 4th ACM workshop on Recurring malcode
Studying Bluetooth Malware Propagation: The BlueBag Project
IEEE Security and Privacy
BlueSniff: Eve meets Alice and Bluetooth
WOOT '07 Proceedings of the first USENIX workshop on Offensive Technologies
Authenticating ad hoc networks by comparison of short digests
Information and Computation
New efficient intrusion detection and prevention system for Bluetooth networks
Proceedings of the 1st international conference on MOBILe Wireless MiddleWARE, Operating Systems, and Applications
Devices that tell on you: privacy trends in consumer ubiquitous computing
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Network Security: Know It All: Know It All
Network Security: Know It All: Know It All
Ubiquitous computing for remote cardiac patient monitoring: a survey
International Journal of Telemedicine and Applications - Regular issue
Revisiting Bluetooth Security (Short Paper)
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
SS'08 Proceedings of the 17th conference on Security symposium
Auxiliary channel Diffie-Hellman encrypted key-exchange authentication
Proceedings of the 5th International ICST Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness
Bluetooth Tracking without Discoverability
LoCA '09 Proceedings of the 4th International Symposium on Location and Context Awareness
Foot-driven computing: our first glimpse of location privacy issues
SIGSPATIAL Special
Usability and security of out-of-band channels in secure device pairing protocols
Proceedings of the 5th Symposium on Usable Privacy and Security
EPC RFID tag security weaknesses and defenses: passport cards, enhanced drivers licenses, and beyond
Proceedings of the 16th ACM conference on Computer and communications security
A comparative study of secure device pairing methods
Pervasive and Mobile Computing
A practical study on security of agent-based ubiquitous computing
AAMAS'02 Proceedings of the 2002 international conference on Trust, reputation, and security: theories and practice
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Hiding names: private authentication in the applied pi calculus
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Untraceability of RFID protocols
WISTP'08 Proceedings of the 2nd IFIP WG 11.2 international conference on Information security theory and practices: smart devices, convergence and next generation networks
Repairing the bluetooth pairing protocol
Proceedings of the 13th international conference on Security protocols
BlueBat: towards practical bluetooth honeypots
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Two practical man-in-the-middle attacks on bluetooth secure simple pairing and countermeasures
IEEE Transactions on Wireless Communications
Building a dark piconet upon bluetooth interfaces of computers
MILCOM'09 Proceedings of the 28th IEEE conference on Military communications
Mobile electronic identity: securing payment on mobile phones
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
Cryptanalysis of the bluetooth E0 cipher ssing OBDD's
ISC'06 Proceedings of the 9th international conference on Information Security
Improved pairing protocol for bluetooth
ADHOC-NOW'06 Proceedings of the 5th international conference on Ad-Hoc, Mobile, and Wireless Networks
ESAS'05 Proceedings of the Second European conference on Security and Privacy in Ad-Hoc and Sensor Networks
On bluetooth repairing: key agreement based on symmetric-key cryptography
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
Secure communications over insecure channels based on short authenticated strings
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Security for interactions in pervasive networks: applicability of recommendation systems
ESAS'04 Proceedings of the First European conference on Security in Ad-hoc and Sensor Networks
Provably-Secure two-round password-authenticated group key exchange in the standard model
IWSEC'06 Proceedings of the 1st international conference on Security
Cryptographic protocol to establish trusted history of interactions
ESAS'06 Proceedings of the Third European conference on Security and Privacy in Ad-Hoc and Sensor Networks
ICDCIT'12 Proceedings of the 8th international conference on Distributed Computing and Internet Technology
How to secure bluetooth-based pico networks
SAFECOMP'07 Proceedings of the 26th international conference on Computer Safety, Reliability, and Security
Contemporary Issues in Handheld Computing Research
International Journal of Handheld Computing Research
An updated threat model for security ceremonies
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Hi-index | 0.00 |
We point to three types of potential vulnerabilities in the Bluetooth standard, version 1.0B. The first vulnerability opens up the system to an attack in which an adversary under certain circumstances is able to determine the key exchanged by two victim devices, making eavesdropping and impersonation possible. This can be done either by exhaustively searching all possible PINs (but without interacting with the victim devices), or by mounting a so-called middle-person attack. We show that one part of the key exchange protocol - an exponential back-off method employed in case of incorrect PIN usage - adds no security, but in fact benefits an attacker. The second vulnerability makes possible an attack - which we call a location attack - in which an attacker is able to identify and determine the geographic location of victim devices. This, in turn, can be used for industrial espionage, blackmail, and other undesirable activities. The third vulnerability concerns the cipher. We show two attacks on the cipher, and one attack on the use of the cipher. The former two do not pose any practical threat, but the latter is serious. We conclude by exhibiting a range of methods that can be employed to strengthen the protocol and prevent the newly discovered attacks. Our suggested alterations are simple, and are expected to be possible to be implemented without major modifications.