Perry E. Metzger wrote:
> Matt Crawford <[EMAIL PROTECTED]> writes:
>>On Jun 3, 2005, at 11:55, Perry E. Metzger wrote:
>>>2) They also have a way of forcing pairing to happen, by impersonating
>>>   one of the devices and saying "oops! I need to pair again!" to the
>>>   other.
>>Do the devices then pair again without user intervention, re-using the
>>PIN that paired them initially?
> That is my understanding. Ugly, isn't it?

The paper addresses countermeasures; it would appear that the original PIN is
not stored for reuse in most (any?) implementations, but that there is an option
to use a PIN every time the devices are connected, which would expose this risk:

6 Countermeasures
> This section details the countermeasures one should consider when using a
Bluetooth device. These countermeasures will reduce the probability of being
subjected to both attacks and the vulnerability to these attacks.
> Since Bluetooth is a wireless technology, it is very difficult to avoid
Bluetooth signals from leaking outside the desired boundaries. Therefore, one
should follow the recommendation in the Bluetooth standard and refrain from
entering the PIN into the Bluetooth device for pairing as much as possible. This
reduces the risk of an attacker eavesdropping on the pairing process and finding
the PIN used.
> Most Bluetooth devices save the link key (Kab) in non-volatile memory for
future use. This way, when the same Bluetooth devices wish to communicate again,
they use the stored link key. However, there is another mode of work, which
requires entering the PIN into both devices every time they wish to communicate,
even if they have already been paired before. This mode gives a false sense of
security! Starting the pairing process every time increases the probability of
an attacker eavesdropping on the messages transferred. We suggest not to use
this mode of work.
> Finally, the PIN length ranges from 8 to 128 bits. Most manufacturers use a 4
digit PIN and supply it with the device. Obviously, customers should demand the
ability to use longer PINs.


Thomas Lakofski +44 70 9228 8229
'Reality is that which, when you stop believing in it, doesn't go away' --PKD
gpg: 1024D/81FD4B43  2B72 53DB 8104 2041 BDB4  F053 4AE5 01DF 81FD 4B43
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to