A Review of Security Weaknesses in Bluetooth

In this paper, we point to three types of potential vulnerabilities in the Bluetooth Standard, version 1.0B. The first vulnerability opens up the system to an attack in which an adversary under certain circumstances is able to determine the key exchanged by two victim devices, making eavesdropping and impersonation possible. This can be done either by exhaustively searching all possible PINs (but without interacting with the victim device), or by mounting a so called middle ? person attack. The second venerability makes possible an attack ?which is called a location attack. In it an attacker is able to identify and determine the geographic location of victim devices. This in turn can be used for industrial espionage, black mail and other undesirable activities. The third vulnerability concerns the cipher. I conclude by giving a range of methods that can be employed to strengthen the protocol and prevent the newly discovered attacks. These suggested alterations are simple and expected to be possible to be implemented without major modifications.