Bluetooth Security (Windows Embedded CE 6.0)
1/6/2010
Bluetooth has the following potential security risks:
- Bluetooth is designed to run over a short-range wireless peer-to-peer network. If one or more devices are used as gateways to other networks, and if the security of Bluetooth is compromised, it could expose the device or its attached networks.
- Bluetooth supports third party extensions. If these extensions do not use proper security and authentication procedures, they could compromise the security of a device or local network.
The security model of Bluetooth is based on and enforced by two measures:
- Authentication
- Link encryption
The following table shows the security modes and the combinations of security measures they enforce.
Mode | Description |
---|---|
Mode 1 |
Devices operating in this mode do not implement security control. Any device in the area is able to pair with devices operating in this mode. |
Mode 2 |
Devices operating in this mode enforce service level security by a combination of authorization and authentication scheme at the L2CAP layer and above. The following new Winsock options are added to support Mode 2 security:
For more information, see Winsock Extensions. |
Mode 3 |
Devices operating in this mode enforce link encryption at the LMP layer. The following new Winsock options are added to support Mode 3 security:
|
Best Practices
Security level
It is recommended that you enforce a security mode 3 at the least.
Use a long passcode number and do not perform a pairing procedure in public
Using a long passcode prevents the correct link key from being easily computed. Do not perform pairing at public places to prevent an attacker from eavesdropping during the pairing occasion and recording all communications between devices. An attacker can also obtain the passcode and link key by initiating a key exchange with a victim device.
Restrict access to privileged devices
Because Bluetooth supports device-based authentication, it is possible that a peer device may request a service that exposes sensitive data. To avoid this, ensure that you pair with privileged devices. Restricting access to privileged devices provides security. Privileged devices are devices that have fixed, or paired, relationships and that have access to services.
Perform the pairing process on devices only in a safe environment
The user should be aware that during the pairing procedure, the initial exchange of keys is the weakest part of the security procedure because non-encrypted channels are used. To minimize the risk of eavesdropping during the communication, make sure that the surrounding environment is clear of potential intruders when the pairing process is in progress.
Put your device on a connection mode that has a security infrastructure
Put your device into a connection mode that uses a key derived during bonding for only one session and then delete it.
Avoid keeping the devices in a connected state permanently
Disconnect the devices after the transaction is complete. Use a different passcode for the pairing process each time. It is possible to launch an attack by continuously attempting to connect to a Bluetooth device. Therefore, enable discoverable mode only when required.
Allow only privileged devices and services to use the Bluetooth PAN service
When a Bluetooth device is configured to be a Network Access Point (NAP) by using the layer-2 bridging mechanism, the device can allow bridging across multiple network interfaces. This may expose private networks that are connected by networking interfaces. Ensure that only privileged devices are allowed to use the NAP service to avoid exposure to sensitive data.**
Default Registry Settings
You should be aware of the registry settings that impact security. By default, encryption and authentication are enabled in the registry. Microsoft recommends that you do not disable these settings to avoid potential security threats such as unauthorized remote access. If a value has security implications you will find a Security Note in the registry settings documentation.
For Bluetooth registry information, see Bluetooth Registry Settings.
Ports
No specific ports are used for Bluetooth.