How secure is - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

How secure is

Description:

Short range radio frequency wireless device. Bluetooth is a Personal Area ... Paris Hilton cell phone incident. 11. Current & Future Solutions. Simple password ... – PowerPoint PPT presentation

Number of Views:224
Avg rating:3.0/5.0
Slides: 18
Provided by: sisU5
Category:
Tags: hilton | paris | secure

less

Transcript and Presenter's Notes

Title: How secure is


1
How secure is
Darren Adams,Kyle Coble, andLakshmi Kasoji
2
Introduction to Bluetooth
  • Bluetooth has become very popular because
  • Power efficiency
  • Low costs
  • Short range radio frequency wireless device
  • Bluetooth is a Personal Area Network (PAN)
    wireless
  • device and can be used for
  • Portable laptops
  • Printers
  • Keyboards
  • Headsets
  • Cell phones
  • GPS devices
  • Ipods
  • PDAs
  • Automobile equipment

2
3
Introduction to Bluetooth
  • History
  • Bluetooth name came from Denmark.
  • Originally created by Jaap Haartsen and Sven
    Mattisson working for Ericsson in 1994.
  • Further developed by Special Interest Group (SIG)
    including
  • Ericsson
  • IBM
  • Nokia
  • Intel
  • Toshiba
  • In 1999, other companies added support including
    3Com Corporation, Lucent Technologies, Microsoft
    and Motorola

3
4
Introduction to Bluetooth
  • Bluetooth features
  • Frequency 2.5GHz. Communication is point to
    point or one point to several connections. Used
    globally without a license.
  • 10 to 100 meter transmit distances at 1Mbps.
  • Uses ad-hoc network, also called piconet. In a
    piconet, one device acts as master and other
    devices as slaves. Maximum of seven slaves
  • Low and high level of power depending on room
    size
  • Synchronous and asynchronous communication
    channels
  • wikipedia

4
5
Bluetooth Devices
  • Google Images

5
6
Bluetooth Security Risks
  • Significant target due to popularity
  • Newer technology means bugs and vulnerabilities
  • Numerous types of devices means different
    problems for each

6
7
PCs and Bluetooth
  • Ad-Hoc network in meeting
  • Some hubs have no router-like
  • security (simple relay)?
  • Class 1 Bluetooth devices can
  • extend 300 feet
  • Problems with fixed passkey
  • Short key means easy to guess
  • Separate keys for different types of access is
    recommended but rarely used (Linux)?
  • Initial key exchange is unencrypted
  • Hacker could extrapolate key (similar to cracking
    WEP encryption)

7
8
Bluetooth Passwords
  • Using one passkey for all connections
  • Instead of unique keys to each pairing, all
    devices (Laptop, PDA, Cell Phone, Printer,
    Headset, etc.) use same passkey
  • Hacker accesses one trusted device, all devices
    are now vulnerable
  • MAC address problems
  • Can identify MAC address and monitor traffic on
    device (class example of 2 companies merging)?
  • MAC unencrypted regardless of other encryption
  • Standard Linux commands can be used

hcitool scan Scanning ... 000AD9150B1C
T610-phone
8
9
Cracking Bluetooth
  • RedFang
  • Scans MACs one at a time
  • Odds of finding are low
  • Average 3-10sec / address
  • Sony Ericsson alone has 16,777,216 possible
  • 1,000 days
  • Devices available to analyze Bluetooth data
  • Cost prohibitive (9500.00)?

9
10
Cracking Bluetooth Cont.
  • Uses frequency hopping to deter, sequence is only
    pseudo-random
  • 1600 hops/second
  • Possibly find hop sequence and collect data
  • Owner forgets to disable device discovery
  • Unable to change MAC
  • Phone always allows connection attempt without
    prompting user
  • One device must enter discoverable mode to make
    connection

10
11
Device ID Weakness
  • 2 devices attempting to link are identified by
    name
  • Equipment not identified by unique MAC address
  • Leaves door open to exploit people (social
    engineering)?
  • Paris Hilton cell phone incident

11
12
Current Future Solutions
  • Simple password
  • Between 1 and 16 numbers (128bit)?
  • Some devices have hard-coded passwords
  • Basic encryption method, no variance
  • What else?!

Bluetooth
Wifi
12
13
Current Future Solutions
  • Security Mode 1
  • Device does not initiate special security
    mechanism but responds to authentication requests
  • No Encryption
  • Security Mode 2
  • Use of security mechanisms determined by trust
    status. Security is performed after
    authentication requests from other devices
  • Broadcast traffic is unencrypted
  • Security Mode 3
  • Authentication is necessary for connection
    establishment
  • All traffic is encrypted.

13
14
Current Future Solutions
  • Simple current solutions
  • Lower the transmission power
  • Set to un-discoverable
  • Pairing in an inception-proof environment
  • Use complex keys

14
15
Current Future Solutions
  • Example ActerBlue
  • Designed to make mobile e-commerce secure via
    Bluetooth
  • Done through onboard biometric ID system
  • Passwords are removed instead, fingerprint
    images are processed/stored on the card

15
16
Current Future Solutions
  • Hardware access point?
  • Allows owner to create up to 8 users with unique
    passwords.
  • Connects by standard ethernet
  • More secure than standard Bluetooth?

Belkin F8T030
16
17
  • References
  • http//books.google.com/books?id-fUR0OGZ7bQCpgP
    A58lpgPA58dqbluetoothcombinationkeysourcew
    ebotsRwkD5ANJcHsigFAheS6Y29uE3EUqLZRMgS3i5v5I
  • http//www.securityfocus.com/infocus/1830
  • http//www.bluetooth-headset.co.uk/images/jabra20
    jx1020hub.bmp
  • http//windowsecurity.com/articles/Bluetooth-Secur
    ity-Threat.html
  • http//www.cyberindian.net/wp-content/uploads/sony
    -ericsson-k790i-mobile-phones.jpg
  • http//www.askdavetaylor.com/sync_motorola_razr_v3
    c_with_windows_xp_via_bluetooth.html

17
Write a Comment
User Comments (0)
About PowerShow.com