Preliminary stu dy :BLUETOOTH SECURITYSil JanssensSil.Janssens@v u b.ac.beJanu ary 9, 2005Last u pdated 22/11/2004DateComment22/11/2004Additions and correctionsafter remarks of Robert Maier and Dav e Singelee09/11/2004Additions and corrections04/11/2004Adaptations after remarks of Philip Cara27/10/2004Adaptations after remarks of Dav e Singelee18/10/2004Corrections17/10/2004Corrections and additions16/10/2004Corrections and additions14/10/2004Corrections and additions10/10/2004Corrections and additions6/10/2004First DraftTable 1: Version History1Contents1Introduction31.1Purpose and scope . . . . . . . . . . . . . . . . . . . . . . . . . . . .31.2Definitions, acronyms and abbreviations . . . . . . . . . . . . . . . .31.3References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72Bluetooth overview142.1Bluetooth specifications . . . . . . . . . . . . . . . . . . . . . . . . .143Overall securitydescription154Bluetooth securityoverview164.1Security Mode 1: Nonsecure mode . . . . . . . . . . . . . . . . . . .164.2Security Mode 2: Service-level enforced security mode . . . . . . . .174.3Security Mode 3: Link-level enforced security mode. . . . . . . . .174.4Bluetooth Key Generation from PIN . . . . . . . . . . . . . . . . . .174.5Bluetooth Authentication . . . . . . . . . . . . . . . . . . . . . . . .184.6Bluetooth Encryption Process . . . . . . . . . . . . . . . . . . . . . .194.7Problems with the Bluetooth Standard Security. . . . . . . . . . . .205Bluetooth security attacks225.1Impersonation attack by inserting/replacing data . . . . . . . . . . . .225.2Bluejacking . . . . . . . . . . . . . . . . . . . . . . . . . ....
