Bluetooth
One of the most popular ad hoc standards today is Bluetooth. Some of
the salient features of Bluetooth are as follows:
Wireless ad hoc networking technology.
Operates in the unlicensed 2.4 GHz frequency range.
Geographical coverage limited to personal area networks (PAN).
Point-to-point and point-to-multipoint links.
Supports synchronous and asynchronous traffic.
Concentrates on single-hop networks.
Frequency hopping spread spectrum (FHSS) with gaussian frequency
shift keying (GFSK) modulation at the physical layer.
Low power and low cost given important consideration.
Adopted as the IEEE 802.15.1 standard for physical layer (PHY) and
media access control (MAC) layers.
The Bluetooth standard limits its scope by dealing only with
single-hop ad hoc networks with limited geographical coverage (PAN). In
the previous sections we saw that multihop ad hoc networks present a
unique set of challenges which are still an active area of research.
The Bluetooth standard brings ad hoc networks to the commercial
forefront by concentrating on single-hop PAN ad hoc networks. Removing
the multihop feature from ad hoc networks makes things a lot simpler.
The Bluetooth Special Interest Group (SIG) was founded in 1998 with
the aim of developing Bluetooth as a short-range wireless
inter-connectivity standard. (The
Bluetooth standard is also being accepted as the IEEE 802.15 standard.)
In other words, Bluetooth deals with ad hoc networks whose
geographical coverage is limited to PAN. Typical applications of
Bluetooth today include connecting a wireless headset with its cell
phone, interconnecting the various components (keyboard, mouse,
monitor, and so on) of a PC, and so on.
Before we get into the details of Bluetooth and its security, it is
important to emphasize that Bluetooth is by no means the only ad hoc
network standard. Another popular ad hoc standard is 802.11 in its IBSS
mode. Since Bluetooth networks have been so commercially successful, we
briefly look at Bluetooth security .
Bluetooth Basics
A typical Bluetooth network, called the piconet, is shown in Figure 8.2 above. Each piconet has
one master and can have up to seven slaves. (To be precise, a piconet has one master
and up to seven active slaves. There is no limit on the number of
slaves in a piconet which are in "park" or "hold" state. This
distinction is irrelevant from a security perspective however.)
 |
| Figure
8.3: Piconets and Scatternets in Bluetooth |
Therefore, there can be at most eight devices in a piconet. A slave
can communicate only with the master and a master can obviously
communicate with any of the slaves. If two slaves wish to communicate
with each other, the master should relay this traffic. In effect, we
have a logical star topology in a piconet, with the master device at
the center.
Comparing the piconet to a 802.11 network, the piconet is the
equivalent of a BSS (though with a
much smaller geographical coverage), the master device is the
equivalent of the AP (except that it
is not connected to any distribution system) and the slave
devices are the equivalent of the Stations (STAs).
A Bluetooth device may participate in more than one piconet
simultaneously, as shown in Figure
8.3 above. In such a scenario, it is possible for the devices in
two piconets to communicate with each other by having the common node
act as the bridge and relay the inter-piconet traffic.
The two piconets are now joined together and form a scatternet. Even
though scatternets are theoretically possible, they are rare in
commercial deployments since they pose tough practical problems like
routing and timing issues.
The Bluetooth standard concentrates mostly on single-hop piconets
and we limit our discussion to piconet security. Scatternets (and their
security) are an active area of research and involve a lot of the
security issues.
(Editor's note: For more on
embedded security, check out the cover story in the October
issue of Embedded Systems Design Magazine: "Embedded systems security has moved to the
forefront," as well as "Employ a secure flavor
of Linux."
Next in Part 3: "Dealing with
Bluetooth security."
To read Part 1, go to "Routing in multihop ad hoc networks."
This
article is excerpted from "Bulletproof
wireless security," by Praphul Chandra, with permission from
Elsevier/Newnes which hold the copyright. It is a part of the
publisher's Communications Engineering Series.
Praphul Chandra currently works as
a senior research scientist at HP
Labs, India, which focuses on "technological innovation for
emerging countries."
Recent articles on security on
Embedded.com:
Securing
wireless MCUs is changing embedded systems design
State
of security technology: embedded to enterprise
Securiing
mobile and embedded devices: encryptioon is not security
Guidelines
for designing secure PCI PED EFT terminals
Overcoming
security issues in embedded systems
Building
middleware for security and safety-critical applications
Security
considerations for embedded operating systems
Diversity
protects embedded systems
A
proactive strategy for eliminating embedded software vulnerabilities
Understanding
elliptic curve cryptography
Securing
ad hoc embedded wireless networks with public key cryptography
A
framework for considering security in embedded systems
Calculating
the exploitability of your embedded software
Bad
assumptions lead to bad security
Securing
embedded systems for networks
Implementing
solid security on a Bluetooth product
Smart
security improves battery life
How
to establish mobile security
Ensuring
strong security for mobile transactions
Securing
an 802.11 network
