Bluetooth is a short-range way to connect multiple devices together wirelessly. The original purpose of Bluetooth technology was to create wireless headsets. Original designs took inspiration from two inventions by Johan Ullman. In 1999, the first consumer Bluetooth device, a hands-free mobile headset, became available to the public. Many people wonder exactly how Bluetooth devices are able to connect and interact without cables. Though it is simple to set up Bluetooth connections, the technology behind them is complex.
Making A Connection
When two devices need to form a connection, they must agree on two levels. On the physical level, the devices need some way to send information to each other. Bluetooth achieves this via radio signals around the 2.4 GHz frequency. On a protocol level, both devices need a set of commands and responses that they both understand. Bluetooth uses a packet-based protocol with a master/slave architecture. Essentially, this means that one device controls other devices on the network and they communicate by dividing data into small packages that they can send back and forth.
Bluetooth devices communicate with each other by transmitting over low-power radio waves. Generally, Bluetooth transmits between 2.402 GHz and 2.480 GHz. Other devices such as baby monitors, garage-door openers, and some cordless phones use these frequencies as well. Because there are many devices that can use these frequencies, it’s possible that they will interfere with a Bluetooth network. Bluetooth technology avoids this by using spread-spectrum frequency hopping. Though this sounds complex, it really just means that any single device will randomly bounce between 79 individual frequencies to communicate on the Bluetooth network. This ensures that two devices are rarely on the same frequency and that they quickly move on to a new frequency if they are.
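To put a number on "rarely on the same frequency", the added example below (not part of the original article) simulates several co-located piconets hopping over the 79 channels and compares the measured collision rate with the expected one. It assumes 1 MHz channel spacing, slot-aligned piconets, and a seeded pseudo-random generator standing in for the real hop-selection logic.

```python
import random

CHANNELS = 79        # hop channels, per the text
BASE_MHZ = 2402      # lowest frequency named in the text (2.402 GHz)
SPACING_MHZ = 1      # assumption: 1 MHz spacing, which puts channel 78 at 2.480 GHz


def channel_mhz(index):
    """Centre frequency in MHz of hop channel `index` (0..78)."""
    if not 0 <= index < CHANNELS:
        raise ValueError("channel index out of range")
    return BASE_MHZ + index * SPACING_MHZ


def hop_sequence(seed, slots):
    """Stand-in hop sequence: one uniformly random channel per time slot."""
    rng = random.Random(seed)
    return [rng.randrange(CHANNELS) for _ in range(slots)]


def simulated_collision_rate(piconets, slots=100_000):
    """Fraction of slots in which piconet 0 shares its channel with another piconet."""
    sequences = [hop_sequence(1000 + i, slots) for i in range(piconets)]
    victim, others = sequences[0], sequences[1:]
    hits = sum(
        1 for t in range(slots) if any(seq[t] == victim[t] for seq in others)
    )
    return hits / slots


def expected_collision_rate(piconets):
    """Chance that at least one of the other piconets picks the same channel."""
    return 1 - ((CHANNELS - 1) / CHANNELS) ** (piconets - 1)


if __name__ == "__main__":
    print(f"channel 0 = {channel_mhz(0)} MHz, channel 78 = {channel_mhz(78)} MHz")
    for n in (2, 4, 8):
        print(
            f"{n} piconets: simulated {simulated_collision_rate(n):.4f}, "
            f"expected {expected_collision_rate(n):.4f}"
        )
```

With two piconets the affected share of slots is about 1 in 79, and it grows roughly linearly as more piconets share the same space.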
Each generation of Bluetooth devices has a different maximum speed. Bluetooth data speeds are measured in megabits per second (Mbps). Though this term may seem abstract for those unfamiliar with it, it is an industry standard. For reference, dial-up connections operated at only 56 kilobits per second. A megabit is equivalent to 1000 kilobits. First-generation Bluetooth devices could only handle a maximum speed of 1 Mbps. Current generation Bluetooth, also known as Bluetooth 5.1, can handle up to 2 Mbps. This is equivalent to lower-speed internet connections. However, because Bluetooth also contains compression standards, it is actually capable of sending the same information faster than an equivalent speed Wi-Fi or other wireless connection.
Up to eight devices can connect on a single Bluetooth network. When a Bluetooth device enters the 10-meter range of a Bluetooth network, it has an electronic conversation with the master device that controls all the Bluetooth devices. This happens automatically and usually doesn’t require input from a user. A Bluetooth network is a personal area network (PAN) or a piconet. Additionally, two Bluetooth piconets can exist in the same 10-meter range because each device on the networks will frequency hop to avoid interfering with each other.
The Electronic Conversation
During the electronic conversation that Bluetooth devices have, each device exchanges several pieces of information. Primarily, when a manufacturer creates a Bluetooth device, they assign it an address. When the device needs to connect to a Bluetooth network, it sends out radio signals to ask for a response from any other devices that also have addresses. Other devices with addresses respond along these same radio signals and form a piconet.
Thanks to the ability of Bluetooth devices to frequency hop, it is possible to set up multiple Bluetooth piconets in close proximity without interference. It is possible to make the master of one piconet a slave in the second piconet. This means that the two networks are now able to act in tandem. Since the second network controls the master of the first network, it is able to command the first network. This system of interconnected piconets is a scatternet.
Wireless connections are notoriously less secure than their wired counterparts. However, Bluetooth networks have several levels of security.
- Security Mode 1 is non-secure.
- Security Mode 2 gives control to a security manager which determines what services and devices it will connect to.
- Security Mode 3 mandates authentication and encryption for all connections.
- Security Mode 4 gives control to a security manager but has additional options for customizing security rules.
Because any device can theoretically receive and read the radio signals that Bluetooth devices use, it’s important for the devices to encrypt the information they send out. There are three encryption modes, though only two provide encryption. Encryption Mode 1 means there is no encryption on the network’s information. Encryption Mode 2 uses individual keys to encrypt information sent to each individual device. Encryption Mode 3 uses a master link key to encrypt all information sent on the network.
Service Levels and Trust Levels
In addition to the other security options, Bluetooth also includes features for two levels of trust and three different levels of security service. A Bluetooth device is either trusted or untrusted. Generally, trusted devices have a relationship with another device and have full access to the network. The network restricts untrusted devices’ access according to the service security level. The security levels range from one to three with one being the most secure.
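How the two trust levels and three service levels combine into an access decision is shown in the added example below, which is not part of the original article. The per-level requirements (level 1 needs authentication and authorization, level 2 authentication only, level 3 is open) follow the description in NIST SP 800-121 rather than this page, and the `Peer` type, function names and sample devices are hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Peer:
    name: str
    trusted: bool         # trusted vs untrusted, as in the text
    authenticated: bool   # assumption: outcome of link authentication


def access_decision(peer, service_level, user_authorizes=False):
    """Return (allowed, reason) for a peer requesting a service.

    Level rules are taken from NIST SP 800-121, not from the article.
    """
    if service_level not in (1, 2, 3):
        raise ValueError("service level must be 1, 2 or 3")
    if service_level == 3:
        return True, "level 3: open to all devices"
    if not peer.authenticated:
        return False, f"level {service_level}: authentication required"
    if service_level == 2:
        return True, "level 2: authenticated"
    if peer.trusted:
        return True, "level 1: trusted device, access granted automatically"
    if user_authorizes:
        return True, "level 1: untrusted device, manually authorized"
    return False, "level 1: untrusted device needs manual authorization"


# Constructed sample peers for illustration.
PEERS = [
    Peer("paired-headset", trusted=True, authenticated=True),
    Peer("guest-phone", trusted=False, authenticated=True),
    Peer("unknown-device", trusted=False, authenticated=False),
]


def access_matrix(peers=PEERS):
    """Map (peer name, service level) to whether access is allowed by default."""
    return {
        (p.name, lvl): access_decision(p, lvl)[0] for p in peers for lvl in (1, 2, 3)
    }


if __name__ == "__main__":
    for (name, lvl), allowed in access_matrix().items():
        print(f"{name:15} level {lvl}: {'allow' if allowed else 'deny'}")
```

Any service left at level 3 is reachable by every device in radio range, so an audit of a device's service table should start there.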
Though there are many security measures in place, malicious individuals are able to snoop on Bluetooth networks and then steal their information or control them.
- Bluesnarfing forces a connection to a Bluetooth device and steals data the device contains. It may also steal the device’s identity information.
- Bluejacking occurs when an attacker sends messages to a Bluetooth device to entice the device owner to respond.
- Bluebugging is using a flaw in the device’s firmware to command the device through Bluetooth. This gives full control of the device to the attacker.
- Car Whisperers can control the flow of audio in Bluetooth cars. They can send audio through the speakers or receive it through a microphone.
- Denial of Service is an attack that makes the Bluetooth interface unusable and drains the device’s battery.
- Fuzzing attacks use flawed or odd data sent to a Bluetooth device’s radio to see how the device responds.