BLUETOOTH

Bluetooth is an open wireless protocol
for exchanging data over short distances (using
short length radio waves) from fixed and
mobile devices, creating personal area
networks (PANs). It was originally conceived as a wireless alternative to RS-232 data cables. It
can connect several devices, overcoming problems of synchronization.

Name and Logo

The word Bluetooth is an anglicised version of Danish Blåtand, the epithet of the tenth-
century king Harald I of Denmark and parts of Norway who united dissonant Danish tribes into a
single kingdom. The implication is that Bluetooth does the same with communications protocols,
uniting them into one universal standard. Although blå in modern Scandinavic languages
means blue, during the Viking age it also could meanblack. So a historically correct translation
of Old Norse Harald Blátönn could rather be Harald Blacktooth than Harald Bluetooth.

The Bluetooth logo is a bind rune merging the Germanic runes   (Hagall) and    

(Berkanan).

Implementations
Bluetooth uses a radio technology called frequency-hopping spread spectrum, which
chops up the data being sent and transmits chunks of it on up to 79 frequencies. In its basic
mode, the modulation is Gaussian frequency-shift keying (GFSK). It can achieve a gross data
rate of 1 Mbit/s. Bluetooth provides a way to connect and exchange information between devices
such as mobile phones, telephones, laptops, personal computers, printers, Global Positioning
System (GPS) receivers, digital cameras, and video game consoles through a secure, globally
unlicensed Industrial, Scientific and Medical (ISM) 2.4 GHz short-range radio
frequency bandwidth. The Bluetooth specifications are developed and licensed by the Bluetooth
Special Interest Group (SIG). The Bluetooth SIG consists of companies in the areas of
telecommunication, computing, networking, and consumer electronics.

Uses
Bluetooth is a standard and a communications protocol primarily designed for low power
consumption, with a short range (power-class-dependent: 100m, 10m and 1m, but ranges vary in
practice; see table below) based on low-cost transceiver microchips in each device.[5] Bluetooth
makes it possible for these devices to communicate with each other when they are in range.
Because the devices use a radio (broadcast) communications system, they do not have to be in
line of sight of each other.

Maximum Permitted
Range
Class Power
(approximate)
mW (dBm)
Class 1 100 mW (20 dBm) ~100 metres
Class 2 2.5 mW (4 dBm) ~10 metres
Class 3 1 mW (0 dBm) ~1 metres

In most cases the effective range of class 2 devices is extended if they connect to a class 1
transceiver, compared to a pure class 2 network. This is accomplished by the higher sensitivity
and transmission power of Class 1 devices.

Version Data Rate

Version 1.2 1 Mbit/s
Version 2.0 +
3 Mbit/s
EDR

List of applications

 Wireless control of and communication between

a mobile phone and a hands-free  headset. This
was one of the earliest applications to become
popular.
 Wireless networking between PCs in a confined
space and where little bandwidth is required.
 Wireless communication with PC input and
output devices, the most common being
the mouse, keyboard and printer.
 Transfer of files, contact details, calendar
appointments, and reminders between devices with OBEX.
 Replacement of traditional wired serial communications in test equipment, GPS
receivers, medical equipment, bar code scanners, and traffic control devices.
 For controls where infrared was traditionally used.
 For low bandwidth applications where higher USB bandwidth is not required and cable-
free connection desired.
 Sending small advertisements from Bluetooth-enabled advertising hoardings to other,
discoverable, Bluetooth devices.
 Wireless bridge between two Industrial Ethernet (e.g., PROFINET) networks.
  Two seventh-generation game consoles, Nintendo's Wii and Sony's PlayStation 3, use
Bluetooth for their respective wireless controllers.
 Dial-up internet access on personal computers or PDAs using a data-capable mobile
phone as a wireless modem like Novatel Mifi.
 Short range transmission of health sensor data from medical devices to mobile phone, set-
top box or dedicated telehealthdevices.

Bluetooth Devices
Bluetooth exists in many products, such as telephones, the Wii, PlayStation 3, PSP
Go, Lego Mindstorms NXT and in some high definition watches modems and headsets. The
technology is useful when transferring information between two or more devices that are near
each other in low-bandwidth situations. Bluetooth is commonly used to transfer sound data with
telephones (i.e., with a Bluetooth headset) or byte data with hand-held computers (transferring
files).
Bluetooth protocols simplify the discovery and
setup of services between devices. Bluetooth devices
can advertise all of the services they provide. This
makes using services easier because more of the
security, network address and permission configuration
can be automated than with many other network types.

Wi-Fi
Wi-Fi is a traditional Ethernet network, and
requires configuration to set up shared resources,
transmit files, and to set up audio links (for example, headsets and hands-free devices). Wi-Fi
uses the same radio frequencies as Bluetooth, but with higher power, resulting in a stronger
connection. Wi-Fi is sometimes called "wirelessEthernet." This description is accurate, as it also
provides an indication of its relative strengths and weaknesses. Wi-Fi requires more setup but is
better suited for operating full-scale networks; it enables a faster connection, better range from
the base station, and better security than Bluetooth.

Bluetooth vs. Wi-Fi IEEE 802.11 in networking

Bluetooth and Wi-Fi have many applications in today's offices, homes, and on the move:
setting up networks, printing, or transferring presentations and files from PDAs to computers.
Both are versions of unlicensed wireless technology.

Wi-Fi is intended for resident equipment and its applications. The category of
applications is outlined as WLAN, the wireless local area networks. Wi-Fi is intended as a
replacement for cabling for general local area network access in work areas.
 Bluetooth is intended for non resident equipment and its applications. The category of
applications is outlined as the wireless personal area network (WPAN). Bluetooth is a
replacement for cabling in a variety of personally carried applications in any ambience.

Computer Requirements
A personal computer must have a Bluetooth adapter in order to communicate with other
Bluetooth devices (such as mobile phones, mice and keyboards). While some desktop
computers and most recent laptops come with a built-in Bluetooth adapter, others will require an
external one in the form of a dongle.
Unlike its predecessor, IrDA, which requires a
separate adapter for each device, Bluetooth allows
multiple devices to communicate with a computer over
a single adapter.

Operating system support

Apple has supported Bluetooth since Mac OS X

v10.2 which was released in 2002.

For Microsoft platforms, Windows XP Service
Pack 2 and later releases have native support for Bluetooth. Previous versions required users to
install their Bluetooth adapter's own drivers, which were not directly supported by
Microsoft. Microsoft's own Bluetooth dongles (packaged with their Bluetooth computer devices)
have no external drivers and thus require at least Windows XP Service Pack 2.

Linux has two popular Bluetooth stacks, BlueZ and Affix. The BlueZ stack is included

with most Linux kernels and was originally developed by Qualcomm. The Affix stack was
developed by Nokia. FreeBSD features Bluetooth support since its 5.0 release. NetBSD features
Bluetooth support since its 4.0 release. Its Bluetooth stack has been ported to OpenBSD as well.

Mobile phone requirements

A mobile phone that is Bluetooth enabled is able to pair with many devices. To ensure
the broadest support of feature functionality together with legacy device support, the Open
Mobile Terminal Platform (OMTP) forum has published a recommendations paper, entitled
"Bluetooth Local Connectivity"

Communication and connection

A master Bluetooth device can communicate with up to seven devices in a Wireless User
Group. This network group of up to eight devices is called a piconet.
 A piconet is an ad-hoc computer network, using Bluetooth technology protocols to allow
one master device to interconnect with up to seven active devices. Up to 255 further devices can
be inactive, or parked, which the master device can bring into active status at any time.
At any given time, data can be transferred between the master and one other device,
however, the devices can switch roles and the slave can become the master at any time. The
master switches rapidly from one device to another in a round-robin fashion. (Simultaneous
transmission from the master to multiple other devices is possible, but not used much.)
The Bluetooth specification allows connecting two or more piconets together to form
a scatternet, with some devices acting as a bridge by simultaneously playing the master role in
one piconet and the slave role in another.
Many USB Bluetooth adapters are available, some of which also include
an IrDA adapter. Older (pre-2003) Bluetooth adapters, however, have limited services, offering
only the Bluetooth Enumerator and a less-powerful Bluetooth Radio incarnation. Such devices
can link computers with Bluetooth, but they do not offer much in the way of services that
modern adapters do.

Baseband Error Correction

Three types of error correction are implemented in Bluetooth systems

 1/3 rate forward error correction (FEC)

 2/3 rate FEC
 Automatic repeat-request (ARQ)

Setting up connections
Any Bluetooth device in discoverable mode will transmit the following information on demand:
 Device name
 Device class
 List of services
 Technical information (for example: device features, manufacturer, Bluetooth
specification used, clock offset)

Any device may perform an inquiry to find other devices to connect to, and any device can
be configured to respond to such inquiries. However, if the device trying to connect knows the
address of the device, it always responds to direct connection requests and transmits the
information shown in the list above if requested. Use of a device's services may require pairing
or acceptance by its owner, but the connection itself can be initiated by any device and held until
it goes out of range. Some devices can be connected to only one device at a time, and connecting
to them prevents them from connecting to other devices and appearing in inquiries until they
disconnect from the other device.
 Every device has a unique 48-bit address. However, these addresses are generally not shown
in inquiries. Instead, friendly Bluetooth names are used, which can be set by the user. This name
appears when another user scans for devices and in lists of paired devices.
Most phones have the Bluetooth name set to the manufacturer and model of the phone by
default. Most phones and laptops show only the Bluetooth names and special programs are
required to get additional information about remote devices. This can be confusing as, for
example, there could be several phones in range named T610 (see Bluejacking).

Bluetooth low energy technology

On December 17, 2009, the Bluetooth SIG
announced the adoption of Bluetooth low energy
wireless technology as the hallmark feature of the
Bluetooth Core Specification Version 4.0 Chip
shipments are anticipated to follow closely behind.
The first Bluetooth low energy enabled products
should be available in 2010.On April 20, 2009,
Bluetooth SIG presented the new Bluetooth low
energy technology as an entirely additional protocol
stack, compatible with other existing Bluetooth
protocol stacks. The preceding naming
asWibree and Bluetooth ULP (Ultra Low Power) has
been replaced by the adopted name of Bluetooth low energy technology.

On June 12, 2007, Nokia and Bluetooth SIG had announced that Wibree will be a part of
the Bluetooth specification, as an ultra-low power Bluetooth technology. Expected use cases
include watches displaying Caller ID information, sports sensors monitoring the wearer's heart
rate during exercise, and medical devices. The Medical Devices Working Group is also creating
a medical devices profile and associated protocols to enable this market. Bluetooth low energy
technology is designed for devices to have a battery life of up to one year.

Future
Broadcast channel

Enables Bluetooth information points. This will drive the adoption of Bluetooth into
mobile phones, and enable advertising models based around users pulling information from the
information points, and not based around the object push model that is used in a limited way
today.

Topology management
Enables the automatic configuration of the piconet topologies especially
in scatternet situations that are becoming more common today. This should all be invisible to
users of the technology, while also making the technology "just work."
QoS improvements

Enable audio and video data to be transmitted at a higher quality, especially when best
effort traffic is being transmitted in the same piconet.

UWB for AMP

The high speed (AMP) feature of Bluetooth 3.0 is based on 802.11, but the AMP
mechanism was designed to be usable with other radios as well. It was originally intended
for UWB, but the WiMedia Alliance, the body responsible for the flavor of UWB intended for
Bluetooth, announced in March 2009 that it was disbanding.

On March 16, 2009, the WiMedia Alliance announced it was entering into technology

transfer agreements for the WiMedia Ultra-wideband (UWB)
specifications. WiMedia will transfer all current and future
specifications, including work on future high speed and power
optimized implementations, to the Bluetooth Special Interest
Group (SIG), Wireless USB Promoter Group and the USB
Implementers Forum. After the successful completion of the
technology transfer, marketing and related administrative items,
the WiMedia Alliance will cease operations.

In October 2009 the Bluetooth Special Interest Group has dropped development of UWB
as part of the alternative MAC/PHY, Bluetooth 3.0/High Speed solution. A small, but significant,
number of former WiMediamembers had not and would not sign up to the necessary agreements
for the IP transfer. The Bluetooth group is now in the process of evaluating other options for its
longer term roadmap.

Air interface
The protocol operates in the license-free ISM band at 2.402-2.480 GHz.[26] To avoid
interfering with other protocols that use the 2.45 GHz band, the Bluetooth protocol divides the
band into 79 channels (each 1 MHz wide) and changes channels up to 1600 times per second.
Implementations with versions 1.1 and 1.2 reach speeds of 723.1 kbit/s. Version 2.0
implementations feature Bluetooth Enhanced Data Rate (EDR) and reach 2.1 Mbit/s.
Technically, version 2.0 devices have a higher power consumption, but the three times faster rate
reduces the transmission times, effectively reducing power consumption to half that of 1.x
devices (assuming equal traffic load).

Security
Bluetooth implements confidentiality, authentication and key derivation with custom
algorithms based on the SAFER+ block cipher. In Bluetooth, key generation is generally based
on a Bluetooth PIN, which must be entered into both devices. This procedure might be modified
if one of the devices has a fixed PIN (e.g., for headsets or similar devices with a restricted user
interface). During pairing, an initialization key or master key is generated, using the E22
algorithm.[27] The E0 stream cipher is used for encrypting packets, granting confidentiality and is
based on a shared cryptographic secret, namely a previously generated link key or master key.
Those keys, used for subsequent encryption of data sent via the air interface, rely on the
Bluetooth PIN, which has been entered into one or both devices.

An overview of Bluetooth vulnerabilities exploits has been published by Andreas Becker.

In September 2008, the National Institute of Standards and Technology (NIST) published a
Guide to Bluetooth Security that will serve as reference to organization on the security
capabilities of Bluetooth and steps for securing Bluetooth technologies effectively. While
Bluetooth has its benefits, it is susceptible to denial of service attacks, eavesdropping, man-in-
the-middle attacks, message modification, and resource misappropriation. Users/organizations
must evaluate their acceptable level of risk and incorporate security into the lifecycle of
Bluetooth devices. To help mitigate risks, included in the NIST document are security checklists
with guidelines and recommendations for creating and maintaining secure Bluetooth piconets,
headsets, and smart card readers.

Bluejacking

Bluejacking is the sending of either a picture or a message from one user to an

unsuspecting user through Bluetooth wireless technology. Common applications include short
messages (e.g., "You’ve just been bluejacked!"). Bluejacking does not involve the removal or
alteration of any data from the device.

Security Concerns
Prior to Bluetooth 2.1, encryption is not required and can be turned off at any time.
Moreover, the encryption key is only good for approximately 23.5 hours; using a single
encryption key longer than this time allows simple XOR attacks to retrieve the encryption key.

 Turning off encryption is required for several normal operations, so it is problematic to

detect if encryption is disabled for a valid reason or for a security attack.
 Bluetooth 2.1 addresses this in the following ways:
 Encryption is required for all non SDP (Service Discovery Protocol) connections
 A new Encryption Pause and Resume feature is used for all normal operations requiring
encryption to be disabled. This enables easy identification of normal operation from
security attacks.
 The encryption key is required to be refreshed before it expires.

Link keys may be stored on the device file system, not on the Bluetooth chip itself. Many
Bluetooth chip manufacturers allow link keys to be stored on the device; however, if the device
is removable this means that the link key will move with the device.

History of security concerns

2001

In 2001, Jakobsson and Wetzel from Bell Laboratories discovered flaws in the pairing

protocol of Bluetooth, and also pointed to vulnerabilities in the encryption scheme.
2003

In November 2003, Ben and Adam Laurie from A.L. Digital Ltd. discovered that serious
flaws in Bluetooth security may lead to disclosure of personal data.[32] It should be noted,
however, that the reported security problems concerned some poor implementations of
Bluetooth, rather than the protocol itself.

In a subsequent experiment, Martin Herfurt from the trifinite.group was able to do a field-
trial at the CeBIT fairgrounds, showing the importance of the problem to the world. A new attack
called BlueBug was used for this experiment.[33] This is one of a number of concerns that have
been raised over the security of Bluetooth communications.

2004

In 2004 the first purported virus using Bluetooth to spread itself among mobile phones
appeared on the Symbian OS.[34] The virus was first described by Kaspersky Lab and requires
users to confirm the installation of unknown software before it can propagate. The virus was
written as a proof-of-concept by a group of virus writers known as "29A" and sent to anti-virus
groups. Thus, it should be regarded as a potential (but not real) security threat to Bluetooth
or Symbian OS since the virus has never spread outside of this system.

In August 2004, a world-record-setting experiment (see also Bluetooth sniping) showed

that the range of Class 2 Bluetooth radios could be extended to 1.78 km (1.08 mile) with
directional antennas and signal amplifiers.[35] This poses a potential security threat because it
enables attackers to access vulnerable Bluetooth-devices from a distance beyond expectation.
The attacker must also be able to receive information from the victim to set up a connection. No
attack can be made against a Bluetooth device unless the attacker knows its Bluetooth address
and which channels to transmit on.

2005

In January 2005, a mobile malware worm known as Lasco.A began targeting mobile
phones using Symbian OS (Series 60 platform) using Bluetooth-enabled devices to replicate
itself and spread to other devices. The worm is self-installing and begins once the mobile user
approves the transfer of the file (velasco.sis ) from another device. Once installed, the worm
begins looking for other Bluetooth-enabled devices to infect. Additionally, the worm infects
other .SIS files on the device, allowing replication to another device through use of removable
media (Secure Digital, Compact Flash, etc.). The worm can render the mobile device unstable.
In April 2005, Cambridge University security researchers published results of their actual
implementation of passive attacks against the PIN-based pairing between commercial Bluetooth
devices, confirming the attacks to be practicably fast and the Bluetooth symmetric key
establishment method to be vulnerable. To rectify this vulnerability, they carried out an
implementation which showed that stronger, asymmetric key establishment is feasible for certain
classes of devices, such as mobile phones.
In June 2005, Yaniv Shaked and Avishai Wool published a paper describing both passive
and active methods for obtaining the PIN for a Bluetooth link. The passive attack allows a
suitably equipped attacker to eavesdrop on communications and spoof, if the attacker was
present at the time of initial pairing. The active method makes use of a specially constructed
message that must be inserted at a specific point in the protocol, to make the master and slave
repeat the pairing process. After that, the first method can be used to crack the PIN. This attack's
major weakness is that it requires the user of the devices under attack to re-enter the PIN during
the attack when the device prompts them to. Also, this active attack probably requires custom
hardware, since most commercially available Bluetooth devices are not capable of the timing
necessary.
In August 2005, police in Cambridgeshire, England, issued warnings about thieves using
Bluetooth-enabled phones to track other devices left in cars. Police are advising users to ensure
that any mobile networking connections are de-activated if laptops and other devices are left in
this way.

2006

In April 2006, researchers from Secure Network and F-Secure published a report that

warns of the large number of devices left in a visible state, and issued statistics on the spread of
various Bluetooth services and the ease of spread of an eventual Bluetooth worm.

2007

In October 2007, at the Luxemburgish Hack.lu Security Conference, Kevin Finistere and
Thierry Zoller demonstrated and released a remote root shell via Bluetooth on Mac OS X v10.3.9
and v10.4. They also demonstrated the first Bluetooth PIN and Linkkeys cracker, which is based
on the research of Wool and Shaked.

Health concerns
Bluetooth uses the microwave radio frequency spectrum in the 2.402 GHz to 2.480 GHz
range. Maximum power output from a Bluetooth radio is 100 mW, 2.5 mW, and 1 mW for Class
1, Class 2, and Class 3 devices respectively, which puts Class 1 at roughly the same level as
mobile phones, and the other two classes much lower. Accordingly, Class 2 and Class 3
Bluetooth devices are considered less of a potential hazard than mobile phones, and Class 1 may
be comparable to that of mobile phones : the maximum for a Class 1 is 100mW for Bluetooth but
250mW for UMTS W-CDMA, 1W for GSM1800/1900 and 2W for GSM850/900 for instance.

Colloquial Usage
 The term 'Bluetooth' is also used as a colloquial expression for thinking the same thing as
someone else. Such usage is similar to the expression 'being on the same wavelength' as another
person. Usage in this context is often accompanied by a hand signal imitating the Bluetooth logo.
____________________________________________________________________