| Bluetooth is one of the hottest technology to emerge in 1998 for the wireless communication. Now its members exceed 2500 manufactures. It is used to connect notebook PC, PDAs, cellular phones and even home electric appliances without cable, and achieve connectivity without explicit user interaction. It operate on the 2.4 GHz spread spectrum band <>Being a wireless technology, security is obviously a main concern for Bluetooth. As other communication technique, the Bluetooth is faced with various kinds of threat such as masquerade, eavesdropping, unauthorized access, and denial of service etc.It's difficult to implement the security control in Bluetooth because of many inherited limits of wireless communication. For example, the wireless channel has limited band, which restrict the size of authentication information; it's easier to intercept the Bluetooth package in wireless environment; the ambulant communication unit in the Bluetooth network increase the uncertainty of security.Network and information security can be evaluated on a number of dimensions. Generally, four of the most important are network availability, authentication, confidentiality and integrity. Availability ensures the survivability of network services despite some types of attack, which means the user can transmit data on the availability of network resources when required. Authentication enables a node to ensure the identity of the peer node it is communicating with. Without authentication, an adversary could masquerade a node, thus gaining unauthorized access to resource and sensitive information and interfering with the operation of other nodes. Confidentiality ensures that only the intended parties are privilege to the information being transmitted. Network transmission of sensitive information, such as strategic or tactical military information, requires confidentiality. Integrity guarantees that a message being transferred is never corrupted, integrity may be compromised because of radio interference and malicious attacks on the network etc. So some kind of integrity protection is definitely needed. The Bluetooth specification is still subject to a number of issues with respect to these security dimensions.We propose adopting security mode 2 to implement Bluetooth security protocol. In the handshake procedure the security manager should complete the authorization, negotiation of the secret keys, establishing a secure connection. Users can choose their own authorization methodand key exchange scheme. To authorization we can use RSA and digital certification. To exchange of key we can follow the DH algorithm. We use DH scheme to establish the key to encryption. We also use RSA scheme to solute the problem of authentication and key exchanging. This protocol stack can be built on any Bluetooth device which base on RFCOMM. The goal of this solution is to establish a security mechanism in Bluetooth protocol stack.In this solution, the problem of identify is solved. The benefit of the security solution proposed is flexibility, convenience and robustness in terms of the security procedures applied compared to the link level security. First, Access to services that need an enforced security have to pass a rigorous access check procedure, other services which don't need security protection may avoid the access check. Second, there is a choice for user to determine the way of exchanging key and authorization, on the other side the alterability also enhance the Security of Bluetooth. |
PDF Full Text Request