Bluetooth security topics

Bluetooth security has been found to be very weak. Therefore, a discussion of Bluetooth security features, as well as their weaknesses, is highly motivated. The Bluetooth security topics are quite advanced and are therefore aimed at students who already have a background in security. All topics require that the student is capable of performing some sort of analysis on the security solutions of Bluetooth, or at least that the student is able to come up with some motivated criticism. The student should note that there will not be too much material (publications etc) available on these topics.

If the student wishes to discuss some proprietary security solution, then it should be analysed as well - a copy of how secure the company claims their solution to be is not enough.

The student is required to read the important parts of the Bluetooth specification, as well as other material found on the topic, if found.

1. An overview of Bluetooth security

The purpose of this topic is to give an overview of Bluetooth security, how it was designed, and what is was supposed to protect. Also a discussion of its weaknesses on a general level is required.

2. Secure ad hoc networking with Bluetooth

An ad hoc network is a collection of nodes that do not need to rely on a predefined infrastructure to keep the network connected. Such networks are especially vulnerable to attacks, especially since they tend to be wireless. Bluetooth is proposed as a technology to allow ad hoc networking. This topic should discuss the concept of ad hoc networking, its security requirements, and how Bluetooth adapts to this concept. Which problems does Bluetooth solve, which are still without a solution?

3. Key management in Bluetooth

This topic calls for a discussion on key management in Bluetooth. A detailed technical description on how it works as well as an analysis of its weaknesses is required.

4. Privacy in Bluetooth

This topic should discuss the concept of privacy when considering using Bluetooth based devices. Which potential risks exist? Why is this a problem? What should be done?