It has been very quiet at the Bluetooth front for over a year now. The last time I heard of Bluetooth in the press was when version 2.1 of the standard was released in summer 2007 which promises simpler pairing procedures and updated security protocols and procedures. I haven't seen much of this in practice yet, however. Also, there have been announcements on an ultra low power implementation for very small devices such as sensors and watches by including Nokia's Wibree developments and very fast transmission rates by porting the upper layers of the Bluetooth stack over to Wi-Fi. Both announcements were also made back in the middle of 2007. Since then, no word. Anyone's got an update?
The Bluetooth Special Interest group has recently published version 2.1 of their specification. While the press mostly writes about the new easy pairing mechanisms, 2.1 contains a complete security overhaul.
It looks like this has become quite necessary since two attacks are now known that can break the security of the pairing process. While encrypted Bluetooth transmissions are still secure, intercepting the initial pairing sequence allows a passive attacker that just collects packets to compute the PIN used by both devices. A further attack for which specialized equipment is required can force a Bluetooth device into re-pairing so an attacker does not have to be present during the initial pairing. In practice, re-pairing means entering the PIN again. Users thus do get a warning when somebody tries such an attack.
BT 2.1 changes the pairing process fundamentally and now offers the following modes in what the standard referrs to as "Secure Simple Paring":
Numeric Comparison Protocol: The major difference of this pairing scheme compared to what has been done before is that instead of a PIN, a pair of public/private keys is used by each device together with the Elliptic Curve Diffie-Hellman one way cryptography algorithm. Each device sends its public key to the other side which then uses it to encrypt a secret to be returned. Once the encrypted secret is received, it is decrypted by using the private key. The encryption/decryption only works one way so an attacker intercepting the communication cannot decrypt the secret and thus cannot generate the link keys that identify the devices later on. This kind of authentication and ciphering key generation is very similar to what is done today to protect web pages with SSL/TLS and certificates. To protect against a man in the middle attack the pairing procedure then continues and a 6 digit number is then calculated on both sides and shown to the user. The 6 digit number will only be identical on both sides if the conversation has not been tampered and hence ensures that no third device has intercepted and modified the pairing messages. (Note that a man in the middle attack is not possible in SSL/TLS since it uses a certificate authority and trusted certificates in the browser)
Just Works Protocol: The same as the Numeric Comparison Protocol described above but the 6 digit number calculation process is skipped. While offering no protection against an active man in the middle attack some devices do not have a display to show a 6 digit number. Thus, such a pairing should only be performed when the user can be reasonably certain that no attacker can be close by. The encryption whenever a connection is established later on, however, is not impacted by this weakness and thus even this protocol offers enough protection for most applications. It’s also important to point out that the attacker has to be present each time the two devices start to communicate with each other as otherwise the connection establishment will fail.
Passkey Protocol: In this protocol a passkey (PIN) which has been entered by the user in both devices is used just as in the original Bluetooth specification. The way the PIN is used during the pairing process, however, is fundamentally different. Again public/private key pairs and random numbers are used by each device to generate the link keys. The PIN is just used to prevent a man in the middle attack as follows: For each bit a commitment message is generated by both devices by using a one way algorithm that takes the public keys of both sides, a random number generated individually by each side and the bit of the PIN to be committed as input parameters. Afterwards the commitments are exchanged between the devices. Once this is done, device A then sends the random number it has used to generate the commitment. This allows device B to verify that the commitment message was not tampered with. If the message was correct, device B sends its random number to device A so it can also check that the message was correct. For the following bit the order in which the random numbers are exchanged is reversed, i.e. device B has to send the random number first. A device in the middle can thus not forge commitments since it does not know the PIN and the random numbers are only exchanged after the commitment. Since commitments are given in an alternating fashion a device in the middle can only get one bit of the PIN from each side before it has to start guessing the value of the bit.
Out Of Band Protocol: And finally, Bluetooth 2.1 also allows using out of band exchange of security information such as via NFC (Near Field Communication) during the pairing process. This makes things even easier and more secure by only requiring two devices to come very close during the paging process. Both active and passive NFC is supported. In active mode, the NFC device is connected to the Bluetooth chip and can both transmit and receive authentication information. Some devices such as headsets do not have room for the extra NFC hardware. In such a case a passive NFC tag is used which could be attached to the manual or the box of the device. Pairing is then initiated by a device with an active NFC component which is held close to a passive NFC tag. The passive NFC tag then transmits all information required to start the pairing process.
Here are some links for the technical deep-dive:
Bluetooth’s had a speed dilemma for quite some time now. After introducing new modulation and coding schemes with Bluetooth 2.0 already back in 2004 it seems to be impractical to push speeds beyond 2 MBit/s on the original Bluetooth physical layer. A speed upgrade, however, is direly needed as file sizes of photos and videos grow. Also, network speeds of HSDPA and EV-DO networks already surpass Bluetooth 2.0 speeds, thus rendering it unsuitable as a technology to connect notebooks to phones for high speed wireless Internet access.
In 2005/2006 the Bluetooth Special Interest Group (SIG) decided to use the Ultra Wide Band (UWB) standard of the WiMedia Alliance as a phyiscal layer. Up to today, however, standards have not been published and no devices are in sight. Instead, it is now rumored that the SIG has started talks with the 802.11 working group to also use Wifi as a physical layer for future Bluetooth versions.
The rumors are spread by two reliable German technology and telecommunication magazines, Heise News and Teltarif. Unfortunately they are only quoting "well informed circles" and do not give any references for their claims. The English speaking world seems not to have picked up on it so far, my Google search came up empty. If you’ve seen this rumor somewhere else, please leave a comment with the link.
Too little too late?
I wonder if faster Bluetooth is still needed as other wireless alternatives are already on the market today. Many phones such as Nokia’s N-Series phones (think N80, N93, N95…) have Wifi on board, as have many Windows Mobile PDA’s. These devices could use their wifi chips in access point mode as suggested here to offer notebooks (plural!) access to the Internet via their fast HSDPA or EV-DO chips. As far as I know none of these devices actually allow this today but the hardware is in place. No need for an extra Bluetooth stack on top.
For other uses such as large picture and video file transfers other alternatives that use Wifi are already available today as well. Nokia has put Universal Plug and Play (UPnP) into some of their N-Series phones to connect their devices to the digital home.
If Bluetooth wants to play a role in this market in the future the SIG has quite some catch-up to play or else Bluetooth will be doomed in the future as a technology for wireless headset connection and as slow data exchange protocol for small files.