Last month, the Bluetooth SIG approved the new v2.1 Bluetooth spec. The big change in the 2.1 spec is a completely new pairing protocol, that fixes the existing broken one.This means that SIG members (which include Nokia, Ericsson, Motorola, Intel, Microsoft and others) can start adding support for Core Specification v2.1 to their product lines.

What is Pairing?

Pairing is the handshaking procedure that two Bluetooth devices must follow on the first time they "meet", before they can start to communicate. When you "pair" your cellphone with your earpiece, or with your laptop, you have to type your Personal Identification Number (PIN). This is usually a 4-digit number that is either hard-coded (e.g., "0000") or user-selected.

The trouble is that the existing pairing protocol was badly designed. Back in June'2005, my student (Yaniv Shaked) and I showed that it's quite easy to crack the PIN - all the bad guys need is a Bluetooth sniffer and a PC. You can find all the details on my Bluetooth page. Once they crack the PIN they can control your cellphone or laptop, extract information, make calls, etc. And this is not just theory: I've heard of people implementing this attack.

So how does 2.1 fix things?

The cool thing about the new protocol is that it is both more secure, and easier to use. How often does that happen?! There is no need for a PIN anymore! When two Bluetooth 2.1 devices will meet, they will run the new pairing protocol and negotiate everything they need on their own. User input will only be needed at the end: each device will display some random-looking number - and the user will click OK if both numbers are the same. I'm not quite sure what will happen if one of the devices is dumb and has no display: maybe it will beep or flash a led a few times?

Under the hood, the new pairing protocol uses a flavor of the Diffie-Hellman key exchange - which is what is used by standard security mechanisms like SSL. Using standard building blocks is a Good Thing when it comes to security.

Bottom Line

I think this is an important step in the right direction - but it's not over yet. It will take a few years until the new 2.1 equipment dominates the market. As long as you still use your pre-2.1 Bluetooth cellphone, or laptop, or earpiece, or car audio system, you are still vulnerable. So practice safe Bluetooth-ing:

• Always pair your Bluetooth devices in a safe and private place, like your office or home. Do not type in your Bluetooth PIN at the airport terminal!
• Be suspicious if your cellphone asks you to type your PIN when you don't expect it to. Bluetooth devices store the negotiated outcome or the pairing and don't require the PIN any more. Ask yourself if there is a reason why your device forgot these settings.

You do not have flash or javascript support.

Average (2 votes)

Reply