Справочник Пользователя для Motorola MC65
7 - 2
MC65 User Guide
Security
The current Bluetooth specification defines security at the link level. Application-level security is not specified. This
allows application developers to define security mechanisms tailored to their specific need. Link-level security
occurs between devices, not users, while application-level security can be implemented on a per-user basis. The
Bluetooth specification defines security algorithms and procedures needed to authenticate devices, and if needed,
encrypt the data flowing on the link between the devices. Device authentication is a mandatory feature of Bluetooth
while link encryption is optional.
allows application developers to define security mechanisms tailored to their specific need. Link-level security
occurs between devices, not users, while application-level security can be implemented on a per-user basis. The
Bluetooth specification defines security algorithms and procedures needed to authenticate devices, and if needed,
encrypt the data flowing on the link between the devices. Device authentication is a mandatory feature of Bluetooth
while link encryption is optional.
Pairing of Bluetooth devices is accomplished by creating an initialization key that is used to authenticate the
devices and create a link key for them. Entering a common PIN number in the devices being paired generates the
initialization key. The PIN number is never sent over the air. By default, the Bluetooth stack responds with no key
when a key is requested (it is up to user to respond to the key request event). Authentication of Bluetooth devices
is based-upon a challenge-response transaction. Bluetooth allows for a PIN number or passkey that is used to
create other 128-bit keys used for security and encryption. The encryption key is derived from the link key used to
authenticate the pairing devices. Also worthy of note is the limited range and fast frequency hopping of the
Bluetooth radios that makes long-distance eavesdropping difficult.
devices and create a link key for them. Entering a common PIN number in the devices being paired generates the
initialization key. The PIN number is never sent over the air. By default, the Bluetooth stack responds with no key
when a key is requested (it is up to user to respond to the key request event). Authentication of Bluetooth devices
is based-upon a challenge-response transaction. Bluetooth allows for a PIN number or passkey that is used to
create other 128-bit keys used for security and encryption. The encryption key is derived from the link key used to
authenticate the pairing devices. Also worthy of note is the limited range and fast frequency hopping of the
Bluetooth radios that makes long-distance eavesdropping difficult.
Recommendations are:
•
Perform pairing in a secure environment
•
Keep PIN codes private and don't store the PIN codes in the MC65
•
Implement application-level security.
The Microsoft stack supports Smart-pairing. For detailed information, refer to the Microsoft MSDN.