Bluetooth Pairing

As discussed in Section 4.0 pairing is the procedure where a relationship (link
key) is established between two previously unknown devices. The link key is
derived when the devices are initially paired (i.e. the link key does not exist
before the pairing procedure). Pairing is facilitated with yet another key, the
initialization key. This key is computed by a pair of devices using the Bluetooth
addresses of each device, a random number, and a shared secret (PIN). Since it
is only used in the initial pairing, the initialization key is only used once.
The initial pairing is the most profitable area of attack on a Bluetooth device. If
the attacker can guess or steal the PIN during the initial pairing, then he can
perform a much more efficient search to derive the link key. This search is
further simplified if the communications occurring while the devices are paired is
recorded [5]. For this reason the Bluetooth SIG strongly encourages the use of
long, random PINs and suggests that pairing be performed only in a private
place. Assuming that both devices have a man-machine interface (such as a
keypad) it is also suggested that the PIN be manually entered into both devices
or in any case communicated out-of-band (not transmitted over the Bluetooth
wireless link). Thus, long PINs provide improved security since the PIN cannot
be received over-the-air. To steal the PIN an attacker must guess or record it by
some other means such as direct observation of the user, a more difficult
procedure if the PIN is long and the pairing is performed in private.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: