This document discusses Bluetooth security. It provides an overview of Bluetooth specification and operation, including defining piconets and the 2.4 GHz frequency band. It then discusses Bluetooth security concepts like authentication, authorization, and symmetric key security. The document outlines security threats to Bluetooth like disclosure, integrity threats, and denial of service. It describes the Bluetooth security protocol and weaknesses like discoverability, lack of integrity checking, and man-in-the-middle attacks. It calls for more research on secure and lightweight protocols to address current Bluetooth security issues.

1. Presented by:-
Devyani B. Vaidya

2.  What is bluetooth?
 Specification of Bluetooth
 Bluetooth Security
 Terms in bluetooth security
 Security Threads
 Protocols in Bluetooth
 Location privacy
 Denial of service attacks
 Other weaknesses
 Conclusion

3. Telecommunication industry specification
that describe how mobile phone ,computer
and personal digital assistant can be easily
interconnected for the purpose of data
transfer using a short-range wireless
communication

4. 1998: Bluetooth SIG
IEEE 802.15
Range < 10m
2.4 GHz ISM band
Spread spectrum & frequency hopping
Piconets: 1 master and up to 7 slaves

5. How security is implemented for
services running on Bluetooth devices,
and future security issues for this
technology?
A Big issue now a days

6.  Authentication: process of determining
the identity of another user.
 Authorization: process of deciding if
device A has the access rights to device
B. Notion of “trusted”
 Symmetric Key Security: generally, A
trusts B if B can prove that it has the
same shared key that A does.

7. Disclosure Threat: leaking of information
from a system to an unwanted party.
Confidentiality violation.
Integrity Threat: unauthorized changes
of information during transmission.
Denial of Service Threat: resources
blocked by malicious attacker.
Availability violation.

8. 1. Generation of unit key
2. Generation of initialization key
3. Generation of link key
4. Mutual authentication
5. Generation of encryption key
6. Generation of key stream
7. Encryption of data

9. Radio jamming attacks
Buffer overflow attacks
Blocking of other devices
Battery exhaustion (e.g., sleep deprivation
torture attack)

10. Devices can be in discoverable mode
Every device has fixed hardware adress
Adresses are sent in clear

11. No integrity checks
No prevention of replay attacks
Man in the middle attacks
Sometimes: default = no security

12. Bluetooth has quite a lot of security
weaknesses!
Need for secure lightweight protocols
More research needed!!