Like 802.11b, Bluetooth technology provides a method for authenticating
devices. Device authentication is provided using a shared secret between the
two devices. The common shared secret is called a link key. This link key is
established in a special communications session called pairing. All paired
devices (devices that have had a previous connection to establish security
procedures) share a common link key. There are two types of link keys defined in
the : unit keys and combination keys.
A device using a unit key uses the same secret for all of its connections. Unit
keys are appropriate for devices with limited memory or a limited user interface.
During the pairing procedure the unit key is transferred (encrypted) to the other
unit. Note that only one of the two paired units is allowed to use a unit key.
Combination keys are link keys that are unique to a particular pair of devices.
The combination key is only used to protect the communication between these
Clearly a device that uses a unit key is not as secure as a device that uses a
combination key. Since the unit key is common to all devices with which the
device has been paired, all such devices have knowledge of the unit key.
Consequently they are able to eavesdrop on any traffic based on this key. In
addition, they could, in theory, be modified to impersonate other devices using
the key. Thus, when using a unit key there is no protection against attacks from
other devices with which the device has been paired. As a result, the Bluetooth
SIG discourages the use of unit keys in secure applications.
Authentication is performed with a challenge response scheme utilizing the E1
algorithm. E1 is a modification of the block cipher SAFER+. The scheme
operates as follows: The verifier issues a 128 bit long challenge. The claimant
then applies E1 using the challenge, its 48-bit Bluetooth address, and the current
link key. He then returns the 32 most significant bits of the128 bit result2. The
verifier confirms the response, in which case the authentication has succeeded.