Seminar Report

Bluetooth Technology

Shri Guru Gobind Singhji Institute of Engineering & Technology.

Presented by, Poonam Singh(2008BCS021)

Faculty co-ordinator: Mrs.

Introduction:

BLUETOOTH represents a single chip, low cost, low power radio based network technology for Wireless Personal Area Networks (WPAN) Bluetooth wireless technology is a short-range communications system intended to replace the cables connecting portable and/or fixed electronic devices. It can connect several devices, overcoming problems of synchronization. Bluetooth uses a radio technology called frequency hopping spread spectrum. It provides Wireless interconnections between low power, short range, small mobile devices (Palmtops, Laptops, PDAs, phones, etc) in close proximity (within a room, car, cabin,elevator). Some of its common functions are passing and synchronizing data, such as a PDA and computer, and connecting to the Internet. Bluetooth works in the unlicensed 2.4-GHz industrial, scientific, and medical (ISM) band and uses frequency-hopping spread-spectrum (FHSS) communication, which transmits data over different frequencies at different time intervals. This is accomplished by making hops to different frequencies through the ISM band. A device makes about 1600 hops per second, which is spaced out over 1 MHz. The developers of this wireless technology first used the name "Bluetooth" as a code name, but as time passed, the name stuck. The word "Bluetooth" is taken from the 10th century Danish King Harald Bluetooth. King Bluetooth had been influential in uniting Scandinavian Europe during an era when the region was torn apart by wars and feuding clans. Since Bluetooth is a wireless protocol, anyone with an appropriate receiver can intercept transmissions. In order to reduce hacking, Bluetooth supports device authentication, which means, devices that share information use a shared secret key, or link key to authenticate one another. If the devices have communicated in the past, they will share a common link key, which can take two forms. The first, and least secure, is a unit key. A unit key is the same secret key for every device that has established a connection. The second, and much more secure, is a combination key. Combination keys are unique and change each time the devices make a new connection, so no two devices share the same key. Since the keys are different, it is much easier to protect the communication between the devices. Bluetooth technology

 Provides freedom from wires Supports creation of Adhoc piconets and Personal Area Networks(PAN) with limited coverage (within the range of 10 ms) Doesnot require Infrastructure support like Switches, Access Points, hubs, routers, etc. for establishing interconnectivity Connects Keyboard, mouse, printers, headphones, head sets with speakers etc. to PC without wires. To Interconnects hand held, portable, battery operated devices like mobile phones, hands free equipment with mobile phones, PDAs, mobile computers, communicators, microphones, wireless speakers to home theatre systems. The Bluetooth core system consists of an RF transceiver and follows IEEE 802.15 standards. The system offers services that enable the connection of mobile devices and exchange of a variety of data (voice, music, graphics, text) between these devices. Bluetooth consortium was formed by 5 companies in 1998 i.e. Ericsson, Intel, IBM, Nokia and Toshiba. Blue-tooth standard is adopted by over 1000 manufacturers of electronics appliances (Akai, Motorola, LG, Samsung, Nokia, for music, video, data, fax m/c ) The Promise of Bluetooth What it can do The promise of Bluetooth is extremely ambitious. If Bluetooth lives up to its potential, it will revolutionize the way people interact with information technology. Originally conceived as a low-power shortrange radio technology designed to replace cables for interconnecting devices such as printers, keyboards, and mice, its perceived potential has evolved into much more. It has given rise to the concept of the Personal Area Network (PAN), a technology of convenience where everything within the Personal Operating Space (POS) of an individual that is related to communicating information (both voice and data) is automatically tied into a seamless peer-to-peer network that self-configures to make information easily accessible. Scenarios for its usage are many and diverse and are only limited by the imaginations of the companies that create the products.

Compared with wireless LANs

There is even talk of Bluetooth competing with WLANs, but Bluetooth products work over shorter distances and are designed to

solve different problems. While the functionality of a WLAN device stands alone as a network component, the functionality of a Bluetooth component requires a host. The host can be any number of Bluetooth -enabled devices such as cell phones, headsets, keyboards, PDAs, vending machines, cameras, and bar code readers.
Usage model examples

Following are examples of some usage models for Bluetooth devices. Wireless headset The leading adoption of Bluetooth will initially be in the arena of mobile phones. Nearly every major mobile phone manufacturer has already released Bluetoothenabled models of their popular phones. The driver for this adoption is the ability to use a wireless headset with the phone. The impact of mobile phone radiation on health has been under scrutiny for some time, especially since the phone is usually held near the head. The radio frequency energy emitted by a Bluetooth wireless headset is a fraction of that emitted by a mobile phone. Additionally, the convenience of being cordless means the phone can be used even if it is in a briefcase or the trunk. Internet Bridge Bluetooth wireless technology can be used to allow a mobile phone or cordless modem to provide Dial-Up Networking (DUN) capabilities for a PC, allowing it to connect to the Internet without a physical phone line. This enables a laptop to automatically utilize the users nearby cell phone to dial and connect to a dial-up service. The user doesnt need to touch the phone, which might be in a briefcase or coat pocket. File exchange The ability to perform peer-to-peer file exchange without the presence of a network infrastructure has many advantages. For example, a salesperson may choose to share the contents of an electronic slide presentation (as well as datasheets, business cards, and other electronic collateral) with the audience. Bluetooth enables the automatic detection of any Bluetooth devices in the room, enabling the transfer (with the receivers permission) of all selected files. (This could also be done with a wireless LAN, but all parties involved would have to configure their clients to use compatible network settings. This is not required for Bluetooth.)

Synchronization Bluetooth allows for data synchronization between devices. For example, a desktop computer that is Bluetooth enabled can

wirelessly synchronize its contact list, task information, calendar, etc., to a users phone, PDA, or notebook. Several Bluetooth- based synchronization models already exist for both Pocket PC and Palmbased PDAs. Printing HP is making printers and notebooks with embedded Bluetooth technology. Bluetooth-enabled devices can automatically detect Bluetooth-enabled printers in their area and wirelessly send documents to the printer without going through lengthy network and printing setup processes. Mobile users who frequently visit remote offices will find Bluetooth printing a significant improvement in convenience to their current experience.
An engineering challenge

The demands of creating Bluetooth-enabled products are very challenging. Consider the following: Bluetooth must have a very flexible application topology. For example, you might want your PDA to be able to communicate with any nearby printer, but do you want your cell phone to send its audio to any nearby hands-free headset? Bluetooth must be automatically configurable. If a Bluetooth product cant figure out whom it should and shouldnt talk to and how, the marketplace will consider it too complicated to use. Bluetooth must have quality of service (QoS) features to support voice. No one wants cell phones with shorter battery life, so the power required to support Bluetooth capability must be very low. No one wants PDAs that are larger, so adding Bluetooth capability to a device should not noticeably increase its size. In order to replace cables, Bluetooth cannot cost more than cables. This means that Bluetooth technology cannot add more than $5 to the cost of the host device. The phrase Wireless connections made easy, which is printed on the cover page of the more than 1,500 pages of engineering specifications that define Bluetooth, means easy for 4 the user, but hard for the engineers designing the products. For the reasons outlined above, Bluetooth presents some of the most demanding engineering challenges in the telecommunications arena, and products are only just now beginning to appear on the market. Features of Bluetooth: 1. Power consumption is very low due to battery operated devices. 2. Freq. Band (2400-2483.5 MHz) 83.5MHz. B.W.

3. Fast Freq. Hopping TDD scheme at a rate of 1600 hops/sec. 4. Within a Pico net all devices use the same hopping sequence 5. Transmitter Power upto 100mW. 6. Range 10m-100m with special transceivers.

Security Data privacy and integrity are always a concern in wireless, mission critical applications. Therefore, Bluetooth low energy technology is designed to incorporate high level security including authentication, authorization, encryption and man-in-the-middle protection. Interoperability Bluetooth low energy technology is an open standard maintained and developed by the Bluetooth SIG. Strong qualification and interoperability testing processes are included in the development of technology so that wireless device manufacturers can enjoy the benefits of many solution providers and consumers can feel confident that their equipment can communicate with other devices regardless of manufacturer. Past versions of standard All versions of the Bluetooth standards are designed for downward compatibility. That lets the latest standard cover all older versions.

Bluetooth v1.0 and v1.0B Versions 1.0 and 1.0B had many problems, and manufacturers had difficulty making their products interoperable. Versions 1.0 and 1.0B also included mandatory Bluetooth hardware device address (BD_ADDR) transmission in the Connecting process (rendering anonymity impossible at the protocol level), which was a major setback for certain services planned for use in Bluetooth environments. Bluetooth v1.1

Many errors found in the 1.0B specifications were fixed. Added support for non-encrypted channels.

Bluetooth v1.2 This version is backward compatible with 1.1 and the major enhancements include the following:

Faster Connection and Discovery Adaptive frequency-hopping spread spectrum (AFH), which improves resistance to radio frequency interference by avoiding the use of crowded frequencies in the hopping sequence.

Bluetooth v2.0 + EDR This version of the Bluetooth Core Specification was released in 2004 and is backward compatible with the previous version 1.2. The main difference is the introduction of an Enhanced Data Rate (EDR) for faster data transfer. Bluetooth v2.1 + EDR Bluetooth Core Specification Version 2.1 + EDR is fully backward compatible with 1.2, and was adopted by the Bluetooth SIG on July 26, 2007.The headline feature of 2.1 is secure simple pairing (SSP): this improves the pairing experience for Bluetooth devices, while increasing the use and strength of security. Bluetooth v3.0 + HS Version 3.0 + HS of the Bluetooth Core Specification were adopted by the Bluetooth SIG on April 21, 2009. The High-Speed part of the specification is not mandatory, and hence only devices sporting the "+HS" will actually support the Bluetooth over Wi-Fi high-speed data transfer. Bluetooth v4.0
The Bluetooth SIG completed the Bluetooth Core Specification version 4.0, which includes Classic Bluetooth, Bluetooth high speed and Bluetooth low energy protocols. Bluetooth high speed is based on Wi-Fi, and Classic Bluetooth consists of legacy Bluetooth protocols. This version has been adopted as of June 30, 2010.

Piconets and its Architecture:

A network of devices connected in an ad hoc fashion using Bluetooth technology. A piconet is formed when at least two devices, such as a portable PC and a cellular phone, connect. A piconet can support up to

eight devices. When a piconet is formed, one device acts as the master while the others act as slaves for the duration of the piconet connection. A piconet is sometimes called a PAN. A piconet is a computer network consisting of devices using the Bluetooth technology protocols to allow one master device to interconnect with up to seven active slave devices using a three-bit MAC address. In addition to this a further 255 slave devices can be connected in an "inactive", or "parked" mode, which can be made "active" at any time by the master device. Connections can be point-to-point or multipoint. A piconet architecture is designed to serve a limited number of devices (that is, up to seven slaves within one master device range) in active state owing to a very short range of Bluetooth wireless communication. The range of Bluetooth wireless communication is normally not more than 30 feet (10 meters approx.) and that result in curtailing the throughputs of wireless data communication as number of the slave devices are increased in its network. However, in a typical scenario, where higher number of Bluetooth enabled devices need to communicate for data exchange, the master Bluetooth-enabled device is capable of swapping the active slaves for the parked slaves in a round robin sequence, normally based of priority assigned. Any Bluetooth device can be a master or a slave, depending on the application scenario. Bluetooth employs frequency hopping spread spectrum (FHSS) to communicate. So in order for multiple Bluetooth devices to communicate, they must all synchronize to the same hopping sequence. The master sets the hopping sequence, and the slaves synchronize to the Master. A piconet is formed by a master and up to seven active slaves. The slaves in a piconet only communicate with the master. A scatter net can be formed by linking two or more piconets. When a device is present in more than one piconet, it must time-share and synchronize to the master of the piconet with which it is currently communicating.

How It Works Bluetooth piconets utilize frequency hopping: 79 frequencies are used and they change frequencies 1600 times per second. They use an

assigned frequency of 2.45 GHz, a frequency set aside for this purpose by the ISM(Industrial Scientific and Medical) frequency band. Since, each piconet has a unique master with its unique Bluetooth device address (BD_ADDR) as well as its own clock, therefore, each piconet has its unique frequency hopping sequence. When a connection is initiated by Bluetooth enabled devices, the master devices clock along with the device address (BD_AAR) is transmitted to the slave devices in a packet known as Frequency-Hop Synchronization Packet (FHS packet). The device address of the master device is used to calculate the sequence of frequency hops which all devices within a piconet, follow. The clock of the master device assigns the sequence of the frequency hops. All devices within a piconet use the difference between their own native clock and the masters native clock to make use of particular frequency in order to transmit or receive radio signals on a particular moment. Using this method, the Bluetooth devices within a piconet are able to avoid one anothers transmission by persistently changing frequency channels. While the topology and hierarchical structure of WLAN networks are relatively simple, Bluetooth networks are far more diverse and dynamic. They are constantly being formed, modified, and dissolved, as Bluetooth devices move in and out of range of one another. And because different Bluetooth devices can represent many different usage profiles, there are many different ways in which Bluetooth devices can interact. Features A piconet typically has a range of about 30 feet (or 10 meters) and has a transfer rate of between about 400kbps and 700kbps (kbits per second), depending on whether synchronous or asynchronous connection is used. However, Class 1 devices can have a range of up to 300 feet (100 meters.). Multiple piconets with overlapping coverage areas form a scatternet. Each piconet may have only one master, but slaves may participate in different piconets on a time-division multiplex basis. A device may be a master in one piconet and a slave in another or a slave in more than one piconet. Scatternet environment requires that different piconets must have a common device (so-called scatternet member) to relay data between the piconets. Bluetooth Security

Bluetooth security, when compared with WLAN security, is both more complex and simpler. It is more complex in the sense that there are many different options for security based on different application scenarios. It is simpler in the sense that, for the most part, they are transparent to the user. With WLANs it is up to the network administrator to add security at higher levels. With Bluetooth, since the Bluetooth spec includes all levels, higher-level security features are already built into the devices when appropriate. Bluetooth security includes both authentication and confidentiality, and is based around the SAFER+ encryption algorithm. SAFER+ is a block cipher, but in this application is implemented as a stream cipher. SAFER+ was thoroughly analyzed and tested during the NISTs search for a national encryption standard. Although some versions were found to have very minor weaknesses, the 128-bit version as used in Bluetooth is considered very strong. Link layer security keys and more keys The Bluetooth Baseband (link layer) specification defines methods for both authentication and encryption that are subsequently utilized by higher layers. These methods utilize a number of keys generated by a process that begins with three basic device entities: a public 48-bit device address, a random number generator, and a secret PIN which is either built into the unit by the manufacturer or programmed by the user. The first of many keys is created the first time the Bluetooth device is installed on the host and is typically never changed. This is referred to as the unit key. Authentication When a Bluetooth session (defined as the time interval for which the device is part of a piconet) is initiated, a series of additional keys is generated. One of these keys, referred to as the link key or authentication key, is a one-time 128-bit secret key that is used only during that session. The process of authentication employs the encryption of a random number by each device to verify that each is sharing the same secret link key. Encryption If encryption is required by the application, an encryption key is further derived from the link key, a ciphering offset number, and a

random number. While the authentication key is always 128-bits, the encryption key may be shorter to accommodate government restrictions on encryption, which vary from country to country. A new encryption key is generated each time the device enters encryption mode. The authentication key, however, is used during the entire session. Application layer security The Bluetooth General Access Profile defines three security modes: Mode 1 is non-secure. Authentication is optional. Mode 2 gives service-level enforced security. The service provided by the application decides whether or not authentication or encryption is required. The Bluetooth SIG has published the Bluetooth Security Architecture white paper5 that defines a suitable architecture for implementing service-level enforced security on Bluetooth devices. The white paper splits devices into different categories and trust levels, as well as suggesting three security levels for services. The utilization of a database is suggested for enabling the user to authorize devices to utilize only particular services. Because the implementation of security at this level does not affect interoperability, this white paper is advisory only, and is not part of the Bluetooth specification. Mode 3 is link-level enforced security. Both devices must implement security procedures in order for a connection to be established. In addition to the above modes, a device can be configured to not respond to paging, so that other devices cannot connect to it. Or it can be configured so that only devices that already know its address can connect to it. Such numerous and complex levels of security are necessary to accommodate the large variety of different usage scenarios. It falls on the designers of Bluetooth products to ensure that the complexity of Bluetooth is hidden from the user, while still providing the user with necessary security options. Security has played a major role in the invention of Bluetooth. The Bluetooth SIG has put much effort into making Bluetooth a secure technology and has security experts who provide critical security information. In general, Bluetooth security is divided into three modes: (1) non-secure; (2) service level enforced security; and (3) link level enforced security. In non-secure, a Bluetooth device does not initiate any security measures.

The recently reported issues of advanced "hackers" gaining access to information stored on select mobile phones using Bluetooth functionality are due to incorrect implementation. The names bluesnarfing, bluejacking and bluebugging have been given to these methods

of illegal and improper access to information. The following sections provide users with more information about these current issues and will address their concerns for dealing with these security risks. What is bluejacking? Bluejacking allows phone users to send business cards anonymously using Bluetooth wireless technology. Bluejacking does NOT involve the removal or alteration of any data from the device. These business cards often have a clever or flirtatious message rather than the typical name and phone number. Bluejackers often look for the receiving phone to ping or the user to react. They then send another, more personal message to that device. Once again, in order to carry out a bluejacking, the sending and receiving devices must be within 10 meters of one another. Phone owners who receive bluejack messages should refuse to add the contacts to their address book. Devices that are set in nondiscoverable mode are not susceptible to bluejacking. What is bluebugging? Bluebugging allows skilled individuals to access the mobile phone commands using Bluetooth wireless technology without notifying or alerting the phones user. This vulnerability allows the hacker to initiate phone calls, send and receive text messages, read and write phonebook contacts, eavesdrop on phone conversations, and connect to the Internet. As with all the attacks, without specialized equipment, the hacker must be within a 10 meter range of the phone. What is bluesnarfing? Bluesnarfing allows hackers to gain access to data stored on a Bluetooth enabled phone using Bluetooth wireless technology without alerting the phones user of the connection made to the device. The information that can be accessed in this manner includes the phonebook and associated images, calendar, and IMEI (international mobile equipment identity). By setting the device in non-discoverable, it becomes significantly more difficult to find and attack the device. Without specialized equipment the hacker must be within a 10 meter range of the device while running a device with specialized software. Only specific older Bluetooth enabled phones are susceptible to bluesnarfing. Bluetooth pros Bluetooth has several advantages, one of the most notable is its ease of use. As with every other wireless technology, Bluetooth frees up the user from being bogged down by wires. With an increasing number

of peripheral devices, all the wires can become overcrowded and, at times, confusing. If all the wires and slots are not color-coded, it can become very difficult to figure out the location that each wire gets plugged into, even for a professional. With Bluetooth, all these wires disappear, saving the user the time that would be spent trying to figure out how to get all the devices connected. When two Bluetooth devices come within range of each other, they automatically make a connection and decide if there is any information that needs to be passed, or if one needs to control the other. Not only is the fact that Bluetooth devices use wireless communication an advantage, but also that the communication is done automatically. This reduces user interaction time, and tasks can be accomplished more efficiently. Within a wired environment, if the user wanted two devices to be synchronized, data would either need to be reentered by hand or connect the devices by wires. If the user would forget to do the synchronization, the data would eventually become outdated, and could lead to data discrepancies. Because of the automatic communication between Bluetooth devices, the user does not need to worry about forgetting to synchronize, so the data between devices would always match and be up-to-date. Another advantage of Bluetooth is its added security features. The fact that it is a short-range technology (about 3 m) adds some security in itself, because someone would need to be close to the communicating devices to be able to intercept the signal. As discussed earlier, the authentication process is also much more indepth and harder to crack than that of other wireless standards. Bluetooth cons Even though Bluetooths short range helps security, there is still the possibility that someone can intercept the signal. The signal that Bluetooth devices send out is sent in every direction, and can travel through walls. Intercepting the signal could be just as easy as sitting in the next room and listening to someones conversation. With the increasing speeds of computers, programs and hacking equipment can be made to quickly and easily crack any code. With a wired network, a hacker needs to somehow tap into the companys network. This makes it harder for hackers because they need a physical connection, whereas with Bluetooth, all they need is a receiver that can catch the radio signals being sent out. As this technology continues to grow and mature, there will be better security measures, and someday may be as secure as some of the wired technologies. Conclusion

Bluetooth wireless is constantly growing in popularity because of the convenience of exchanging information between mobile devices. As Bluetooth usage rises, so do the security risks associated with the technology. Advantages to Bluetooth include the ability to simultaneously handle both data and voice transmissions which enables users to enjoy a variety of innovation solutions such as a hands-free headset for voice calls, printing and fax capabilities, and synchronizing PDA, laptop, and mobile phone applications.. (Bluetooth SIG, 2006) Bluetooth users should familiarize themselves with bluetooth security issues before using Bluetooth devices, and especially before they bring these devices into the work place.