Research on Bluetooth Interface Usage Security in Measurement Systems
Student's Name: Kryvolapenko Dmytro Viktorovych
Qualification Level: Master
Speciality: System Administration of Telecommunications Networks
Institute: Institute of Telecommunications, Radioelectronics and Electronic Engineering
Mode of Study: full-time
Academic Year: 2023-2024
Language of Defence: Ukrainian
Abstract: The purpose of this work is to examine the security of using Bluetooth in measuring systems. The research set the following goals:
1. Consideration of Bluetooth protocols in standard measurement information systems developed over the past 20 years.
2. Consideration of vulnerabilities in each version of Bluetooth in measurement systems of different years.
3. Testing of the vulnerabilities found in the Bluetooth specification.
4. Elaboration of recommendations to eliminate vulnerabilities in measuring systems.

This work explains the specification of Bluetooth wireless personal area networks. General concepts and a classification of these networks are given. Bluetooth security protocols are considered. Technologies for interfacing devices that support this interface, as well as methods for implementing security protocols, have been studied. A dedicated program for monitoring and detecting vulnerabilities in this interface has been developed. Testing of the found vulnerabilities was carried out. Recommendations were developed to eliminate vulnerabilities in measurement systems [1].

The study of the security of using the Bluetooth interface in measuring systems aims to study and analyze the potential threats and risks associated with the use of Bluetooth technology in measuring devices. In particular, the research is aimed at identifying vulnerabilities and developing measures to ensure the reliability and confidentiality of information transmitted via Bluetooth. This study is important for ensuring a high level of security when Bluetooth is used in measurement systems, which can have a positive effect on the protection of confidential information and the avoidance of potential threats in this area.

Generating a secret symmetric link key is essential for the authentication and encryption mechanisms provided by Bluetooth.
For Bluetooth BR/EDR, pairing is performed in one of two ways: Security Modes 2 and 3 (Security Mode 1 is an insecure mode) use a PIN-code personal identification method, called Legacy or Classic Pairing, while Security Mode 4 uses the Secure Simple Pairing (SSP) algorithm [2]. Radio communication is carried out in the ISM band (2.4-2.4835 GHz). The FHSS (Frequency Hopping Spread Spectrum) algorithm is used: the signal hops between frequencies 1600 times/s (in total, 79 working frequencies with a width of 1 MHz are allocated, and in Japan, France and Spain the band has 23 frequency channels) [3].

In the first section, typical measuring systems and their characteristics will be considered. An overview of the Bluetooth specification will be given, including the principle of operation of the communication interface, the history of the development of the protocol, algorithms for pairing, authentication and encryption, as well as mechanisms for security and generation of link keys [4].

In the second section, the main security modes and levels of Bluetooth BR/EDR/HS will be considered. The processes of connection and link key generation are studied. The SSP association models are described and the key points of Bluetooth authentication, confidentiality, and authorization are discussed [5].

In the third section, a number of potential vulnerabilities and threats to Bluetooth security in measurement systems will be discussed.

In the fourth section, the algorithm for selecting the PIN code of the slave device will be considered, for further replacement of the latter. An analysis of the PIN selection program written by me was performed to verify the reliability of the Bluetooth Legacy Pairing algorithm.