How does Bluetooth Ensure Secure Communication Channels?
Shivam Thakur
| Embedded Software Wireless Engineer @ Plume Design Inc. | Passionate to Create Solutions that helps to innovate the Innovation |
A Bluetooth packet is sent over RF within 40 channels, and every Bluetooth device on this planet uses the same 40 channels to communicate.
So how can we ensure that communication is free from interference?
Also, how can we trust Bluetooth in terms of privacy?
2.4000 GHz - 2.4835 GHz is the frequency range in which all Bluetooth communication works.
Out of the 40 channels, 3 are used for advertising.
These 3 channels are responsible for carrying the information that is essential for a secure connection.
The first challenge is to protect the data in these 3 channels from attacks.
WiFi is a main source of almost all wireless attacks, so the advertising channels in Bluetooth are kept away from the WiFi channels.
Adv Channels in Bluetooth: 2402 MHz, 2426 MHz, 2480 MHz
WiFi Channels: Channel 1 (2412 MHz), Channel 2 (2437 MHz), Channel 3 (2462 MHz)
In BLE 5, Advertising is allowed on all channels.
After the connection is established, the new challenge is to protect the data that uses the remaining 37 channels. These channels carry the post-connection data.
So the first approach is to change channels very frequently in a predefined sequence.
Bluetooth uses the Adaptive Frequency Hopping technique to define the sequence.
What is Frequency Hopping?
- It is a technique where, once the link is formed, the devices are synchronized to change channel together many times a second.
- The pattern of channels used is called the hop sequence and is unique for each link.
- It is used to avoid noisy channels.
- Bluetooth operates in the free, unlicensed ISM band, so there is a probability of encountering channels made noisy by other wireless radios in the ISM band.
- Due to frequency hopping, it is difficult to capture Bluetooth wireless packets.
- An attacker needs to predict the next channel in the hop sequence.
- In Bluetooth, the MAC address and clock of the master generate the random hopping sequence, where the hopping sequence is a string of pseudo-random numbers.
- In Adaptive Frequency Hopping, the communicating devices continuously monitor their environment for interference.
- next_channel = (current_channel + hop value) mod 37
- The hop value is communicated when the connection is established.
- Every time a new connection is established, the hop value is different.
This technique minimizes the radio interference potentially present in the 2.4 GHz band.
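The hop formula above, extended with the adaptive step that skips channels marked noisy, as an added C example (not code from the article). The `link_t` type, the function names, the hop value 7 and the noisy-channel set are constructed for illustration; the remapping rule and the starting channel 0 follow Bluetooth LE's Channel Selection Algorithm #1, which the article does not spell out.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DATA_CHANNELS 37
#define NO_CHANNEL 0xFF   /* hypothetical error value: no usable channel left */

/* Hypothetical link state for this example. */
typedef struct {
    uint8_t last_unmapped;        /* unmapped channel of the previous hop */
    uint8_t hop;                  /* hop value agreed at connection setup */
    uint8_t used[DATA_CHANNELS];  /* 1 = usable, 0 = marked noisy */
} link_t;

/* Start a link at channel 0 with every data channel usable. */
void link_init(link_t *l, uint8_t hop) {
    l->last_unmapped = 0;
    l->hop = hop;
    memset(l->used, 1, sizeof l->used);
}

/* Advance one hop and return the data channel to use, or NO_CHANNEL. */
uint8_t next_channel(link_t *l) {
    uint8_t remap[DATA_CHANNELS];
    int n = 0;
    /* The article's formula: (current_channel + hop value) mod 37. */
    uint8_t unmapped = (uint8_t)((l->last_unmapped + l->hop) % DATA_CHANNELS);
    l->last_unmapped = unmapped;
    if (l->used[unmapped])
        return unmapped;
    /* Adaptive step: fold a noisy channel onto the ascending list of
       usable channels, indexed by unmapped mod (number of usable ones). */
    for (int c = 0; c < DATA_CHANNELS; c++)
        if (l->used[c])
            remap[n++] = (uint8_t)c;
    return n ? remap[unmapped % n] : NO_CHANNEL;
}

int main(void) {
    link_t l;
    link_init(&l, 7);                 /* constructed hop value */
    for (int c = 0; c <= 10; c++)
        l.used[c] = 0;                /* constructed: channels 0-10 noisy */
    for (int i = 0; i < 8; i++)
        printf("%d ", next_channel(&l));
    printf("\n");
    return 0;
}
```

With channels 0 to 10 marked noisy, the hops that would land on channels 7 and 5 are remapped to 18 and 16, while the other hops are unchanged.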
System Engineer at Philips with expertise in Systems Engineering and Product Design
4y Very apt information. I didn’t know the formula of calculating next channel. Thank you for that.
Embedded Firmware | System Engineer | C/C++ | Linux | Microcontroller | OS Internals | Debugging
4y Yes informative to our Connections
Software Developer at Hitachi Group, Japan | Python | AWS | JLPT N3
4y Short and crisp
Senior Engineer at Qualcomm | Snapdragon wear
4y Good article and it will be a kick start for the people who are looking for a good start in Bluetooth technology and about the ISM band.