Abstract:

Bluetooth technology, an up-and-coming wireless technology, is becoming increasingly more prevalent in modern society, with technical gadgets now ranging from mobile phones and game controllers to PDAs and personal computers. With this increase in popularity comes the responsibility to investigate potential weaknesses and vulnerabilities in the pairing and authentication processes to protect against malicious attacks and eavesdropping. During this project, I explore vulnerabilities in the Bluetooth specification and to what extent these problems can be exploited by adversaries. Through understanding scholarly documents on the topic and consulting with security professionals, I was able to gain insight into the details in which the Bluetooth technology is susceptible to attack. In addition, I explore possible countermeasures to which affected applications can protect themselves. The most common weaknesses lie in the weak key establishment protocol and clear text communication before device authentication or encryption can take place. These problems allow for malicious attackers to impersonate devices and attempt man-in-the middle attacks. In our day and time, it has become imperative that better security standards be created and enforced to implement immediate change in the ever popular Bluetooth wireless standard.

The complete project can be downloaded here. I430 – Final Report

Also available:

I430 – Project Proposal I430 – Project Proposal Presentation I430 – Final Report Presentation