Bluetooth security mechanisms

The basic security mechanisms used in Bluetooth equipment are:

1. Bonding

When two devices communicate, they can initiate a process known as bonding, where each of them uses a PIN code provided by the user to generate two secret keys: A link key, and an encryption key. For the bonding procedure to succeed, the user must supply the same PIN code to both devices, so they both generate the same pair of keys. These keys are used in the authentication and encryption procedures described below.

2. Authentication

Authentication is the process by which a device verifies another device's identity. The mechanism used for this purpose in Bluetooth is a so-called challenge-response scheme, in which:
  1. One party (the claimant) sends its address to the other (the verifier).
  2. The verifier sends a random challenge (in fact, a number generated by a random number generator) to the claimant.
  3. The claimant replies with a response, which it works out on the basis of the challenge, the address and the shared secret link key, and sends it to the verifier.
  4. The verifier works out the response which it expects to receive on the basis of the challenge, the address and the shared secret link key, and compares it with the response actually received.

Bluetooth authentication

If the expected and received responses are identical, the two participants have evidently used the same information to work out their responses. Since the necessary information includes the secret link key, which is assumed only to be known by the two participants who took part in the bonding process, each of them can be pretty certain that it is communicating with its true "bonding partner". If this is the case, the authentication process terminates successfully, otherwise the connection between the two parties is broken.

3. Confidentiality

Confidentiality is ensured by encryption of the data sent between two Bluetooth devices. Encryption is based on a so-called stream cipher. In this form of encryption, a continuous sequence of encryption keys (a keystream) is produced by the sender and combined with the stream of unencrypted data to produce a stream of encrypted data, which is transmitted to the receiver. At the receiver, an identical keystream is produced, and used to extract the unencrypted data from the encrypted data:

Bluetooth encryption

Each key in the keystream is generated in two steps:

  1. The secret shared link key is combined with a random number to produce an encryption key.
  2. The encryption key is combined with the address and the random number to produce the next key in the keystream.
It is important to make it as difficult as possible for an intruder to guess the sequence of encryption keys, since if he could do so he could decrypt the stream of encrypted data. Ideally, even if the intruder actually managed to find a long sequence of keys, he would be unable to deduce what the next one would be. To ensure this, successive encryption keys are generated using successive random numbers generated by a random number generator for which it is extremely difficult to guess the next number, even if one has seen a long sequence of numbers already.
Robin Sharp
Last updated 050518.