You are on page 1of 2

Automation of PIN Set-up for Bluetooth

Security in Inter-Wireless Technology

Hahnsang Kim Hossam Afifi


INRIA INT
2004, Route des Lucioles B.P. 93 9 rue, Charles Fourier
06902 Sophia Antipolis, France 91011 Evry, France
Hahnsang.Kim@inria.fr Hossam.Afifi@int-evry.fr

1. Introduction
Bluetooth technology provides peer-to-peer communications over short distances. In or-
der to provide protection for exchanged information, it defines several different keys that
are based on the hierarchical derivation key management. In Bluetooth security, all pairs
of Bluetooth devices that are unknown to each other or already known need install a
pre-shared key, PIN that the key derivation operations are directly associated with. The
Bluetooth security recommends, before exchanging the PIN, the user to be in a ‘private
area’ where she/he can trust these unknown devices. That means it is the user who has
responsibility for the key exchange in security with an unknown peer device. It is a very
weak point to Bluetooth security since it is discouraged in a public place.
This paper presents a security scheme that aims at automating the PIN exchange proce-
dure with the help of AAA infrastructure in WiFi-overlapped WPANs (Wireless Personal
Access Network). The proposed security scheme contributes to providing an automatic
set-up for security channel, particularly between a pair of unknown Bluetooth devices.

2. A New Security Scheme


For the purpose of surmounting the shortcomings of Bluetooth security, the security model
is roughly composed of four components: a mobile terminal (Figure 1: A) equipped with
both Bluetooth and 802.11 interfaces on the user’s side, an AAA server (AAAA ) asso-
ciated with a WLAN that authenticates the user device, a Bluetooth box (B) fixed to the
service providers or a counterpart of the user, and an AAA server (AAAB ) associated with
a WPAN that keeps a trust relationship with the Bluetooth box (B). The two AAA servers
can be merged into a single one depending on the implementation model. Security asso-
ciations are established as a preliminary between AAA servers, between A and AAAA ,
and between B and AAAB with the help of TLS/IPsec and/or RSN 802.11i for WLANs.
The AAA servers take care of authentication of users and maintenance of connections to
the other AAAs. The Bluetooth applications on the AAA servers have responsibility for
generating the PIN used to protect a Bluetooth link between the two Bluetooth devices.
The Bluetooth clients on the Bluetooth devices generate a PIN request query and establish
a secure channel with the response.
AAA A AAA B

Bluetooth App Bluetooth App


TLS/IPsec
AAA WLAN Server AAA WPAN Server

RSN 802.11i & TLS/IPsec


TLS/IPsec

A: Mobile Terminal Bluetooth Link B: Bluetooth Box

Bluetooth Client Bluetooth Client

Figure 1: A Security Model for Bluetooth


2.1 Message Exchanges for Bluetooth PIN
X is one of A and B, and Y is the other, alternatively. In addition to the credentials of
IDi , AAAX maintains {(IDi , BD ADDRi ) k i ∈ {X, Y } }. The message exchange
sequence of a PIN generation and distribution is the following:
• X → AAAX : IDX , BD ADDRY ,
• AAAX → AAAY : IDX , IDY , RAN DX ,
• AAAY → AAAX : IDY , IDX , RAN DY ,
• AAAX : generate PIN = H(max(RAN DX , RAN DY ) k min(RAN DX , RAN DY ),
max(BD ADDRX , BD ADDRY ) k min(BD ADDRX , BD ADDRY )),
• AAAX → X: IDX , PIN,
where H is a cryptographic hash function that generates an output at least 16-bytes
long.
2.2 Infrastructure Overhead Considerations
Our proposed security scheme is dedicated to the WiFi-overlapped WPANs. Before Blue-
tooth applications even start, the security associations must be done within a limited time,
in particular between a mobile terminal and its corresponding AAA server. Considering
that the coverage range of the WiFi networks (R=100m) is much larger than that of Blue-
tooth (R=10m), if the user walks at a speed of 6km/h, it takes about 54 seconds from the
moment of entrance to a WiFi zone to that to a Bluetooth zone and it is enormously suf-
ficient to set up a secure channel in a WiFi network. In the Bluetooth zone, at a speed of
6km/h, it takes 6 seconds to reach the center point of the Bluetooth zone, which is large
enough to successfully complete our scheme as well.

3. Conclusion
We propose a new security scheme to facilitate the PIN distribution to the pair of unknown
Bluetooth devices in an automatic fashion for the fulfillment of Bluetooth security. Our
proposal relies on WiFi-overlapped WPANs that are based on the AAA infrastructure. It
is obvious that our proposal is practical to apply to an open environment since the user
should not be forced to set up a PIN manually in a public place.

You might also like