Bluetooth Authentication and Key Generation

The SAFER+ algorithm is used for authentication and key generation. This is a 128bit block cipher that encrypts the communication on the LMP. Since the link key will be derived from the PIN, it should be at least eight characters. It's also advisable to not pair devices in public, because it might be possible to obtain the chosen link key if the pairing procedure has been intercepted or interfered with. The encryption of transmitted data is (unfortunately) optional and depends upon the particular device and vendor (surely some devices are out there without support for encryption). If enabled, the E0 stream cipher will be used to encrypt the transferred packets. The paper "Bluetooth Security" discusses the authentication, encryption, and their risks in detail (see ~jiitv/bluesec.html).

The Host Controller Interface Daemon (hcid) is capable of handling pairing events. Usually the daemon is configured in /etc/bluetooth/hcid.conf. The most important options are shown in the next listing.

options {

security user;

device {

name "faroth";

The security option controls where the PIN is obtained from. If it is set to user, the specified pin_helper will be executed to ask the user for the PIN. On most distributions /usr/bin/bluepin is a Python application that displays a graphical input box into the user's X session. The name option specifies the computer's friendly name. The auth option activates the authentication built into the Bluetooth protocol stack.

Having configured your system this way you can establish a pairing once and trust that you're communicating with your own device in future connection attempts.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook

Post a comment