|
|
Programming Help |
Homework Help |
Counseling Astrology Advice | Tarot Advice | Parenting Dating Advice | Love Advice | Divorce Advice Legal Advice | Debt Advice | Career Advice W IRELESS N ETWORK S ECURITY 4-11 If authentication fails, a Bluetooth device will wait an interval of time before a new attempt can be made. This time interval will increase exponentially to prevent an adversary from repeated attempts to gain access by defeating the authentication scheme through trial-and-error with different keys. However, it is important to note that this "suspend" technique does not provide security against sophisticated adversaries performing offline attacks to exhaustively search PINs. Again, the Bluetooth standard allows both uni-directional and mutual authentication to be performed. The E 1 authentication function used for the validation is based on the SAFER+ algorithm. 42 The Bluetooth address is a public parameter that is unique to each device. This address can be obtained through a device inquiry process. The private key, or link key, is a secret entity. The link key is derived during initialization, is never disclosed outside the Bluetooth device, and is never transmitted over the air- interface. The random challenge, obviously a public parameter, is designed to be different on every transaction. The random number is derived from a pseudo-random process within the Bluetooth device. The cryptographic response is public as well. With knowledge of the challenge and response parameters, it should be impossible to predict the next challenge or derive the link key. The parameters used in the authentication procedure are summarized in Table 4-3. Table 4-3. Summary of Authentication Parameters Parameter Length Secrecy Characteristic Device address 48 bits Public Random challenge 128 bits Public, unpredictable Authentication (SRES) response 32 bits Public Link key 128 bits Secret 4.3.1.3 Confidentiality In addition to the authentication scheme, Bluetooth provides for a confidentiality security service to thwart eavesdropping attempts on the air-interface. Bluetooth encryption is provided to protect the payloads of the packets exchanged between two Bluetooth devices. The encryption scheme for this service is depicted conceptually in Figure 4-7. As shown in Figure 4-8, the Bluetooth encryption procedure is based on a stream cipher, E 0 . A key stream output is exclusive-OR-ed with the payload bits and sent to the receiving device. This key stream is produced using a cryptographic algorithm based on linear feedback shift registers (LFSR). 43 The encrypt function takes as inputs the master identity (BD_ADDR), the random number (EN_RAND), a slot number, and an encryption key, which initialize the LFSRs before the transmission of each packet, if encryption is enabled. Since the slot number used in the stream cipher changes with each packet, the ciphering engine is also reinitialized with each packet although the other variables remain static. As shown in Figure 4-8, the encryption key provided to the encryption algorithm is produced using an internal key generator (KG). This key generator produces stream cipher keys based on the link key, random number (EN_RAND again), and the ACO value. The ACO parameter, a 96-bit authenticated 42 A family of SAFER algorithms was developed by James Massey and used in Cylink Corporation products. SAFER stands for Secure And Fast Encryption Routine. The SAFER algorithms are iterated block ciphers (IBC). In an IBC, the same cryptographic function is applied for a specified number of rounds. 43 LFSRs are used in coding (error control coding) theory and cryptography. LFSR-based key stream generators (KSGs), comprised of exclusive-OR gates and shift registers, are common in stream ciphers and are very fast in hardware. |
Find more freelance jobs
|
