Term
| 6 Constraints for a personal area network |
|
Definition
Limited battery power
Computational power
Small amount of memory
Small range
Ad-hoc network
Not always I/O Interface |
|
|
Term
| In a piconet how many slaves can one master have? |
|
Definition
|
|
Term
| What are the 4 bluetooth security expectations? |
|
Definition
Easy to use and self-explanatory security confg
Confidentiality protection
Authentication of connecting devices
Anonymity |
|
|
Term
| What are the three bluetooth security modes |
|
Definition
Mode 1 - Unit never initiates any security procedues
Mode 2 - Will not demand authentication or encryption at link establishment
Mode 3 - Initiate security procedures before link set-up is completed |
|
|
Term
| 3 Security modes for devices and services |
|
Definition
|
|
Term
| Services have 3 security levels |
|
Definition
Auth and Authorisation
Authentication only
Services open to al ldevices |
|
|
Term
| There are 7 security protocols in bluetooth, 4 of them generate keys these are |
|
Definition
Generation of unit key (no longer used)
Generation of initialisations key
Generation of link key
Generation of encryption key |
|
|
Term
| There are 7 security protocols in bluetooth, 4 of them generate keys the other 3 are |
|
Definition
Mutual authentication
Generation of key stream
Encryption of data |
|
|
Term
| E1, E21, E22, E3 Are all encryption algorithms. They are based upon the same underlying cipher which is |
|
Definition
|
|
Term
|
Definition
| Message authentication code |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
| There are 6 bluetooth security weaknesses, these are |
|
Definition
Unit key
Pin
location privacy (tracking devices)
Denial of service attacks
Implementation attacks
Problems with cryptographic algorithms |
|
|
Term
| The weaknesses with the unit key is |
|
Definition
| All trusted devices use the same key for all secure communications |
|
|
Term
| There are three weaknesses with the PIN |
|
Definition
Fixed PIN
Weak PIN
Security keys are based upon security PIN |
|
|
Term
| There are 5 location tracking attacks |
|
Definition
Inquiry attacks
Traffic monitoring attack
Paging attack
Frequency hoping attack
User-friendly name attack |
|
|
Term
| Denial of service attacks (4) |
|
Definition
Radio jamming
Buffer overflow
Block of other devices
Battery exhaustion |
|
|
Term
| The 3 implementation attacks are |
|
Definition
Bluejacking
Blue snarfing
bluebugging |
|
|
Term
|
Definition
| Literally sending messages |
|
|
Term
|
Definition
| Getting into their phonebook |
|
|
Term
|
Definition
| Exec commands on a targets phone |
|
|
Term
| Six constraints of Bluetooth systems |
|
Definition
Limited battery power
Computational power
Small amount of memory
Small range
Ad-hoc range
Not always I/O-interface |
|
|
Term
| In bluetooth what two things are in the application layer: |
|
Definition
|
|
Term
| IWhat are the one thing on the Presentation layer and what the fuck does it do? |
|
Definition
| Object Exchanger Binary Data - facilitates the exchange of binary objects between devices |
|
|
Term
| What are the things in session layer of the bluetooth protocol stack (6) - one appers twice for some reason |
|
Definition
|
|
Term
| Transport layer of bluetooth stack has which two protocols |
|
Definition
|
|
Term
| Whats one the network layer, there's r. one links into another that links into another. The other seems to come out of no where. Then the fifth comes from the remaining two |
|
Definition
| IP goes into PPP into RFCOMM and SOP is on its own. These both go into L2CAP |
|
|
Term
| Data-link bluetooth protocol stack (one) |
|
Definition
|
|
Term
| Physical layer protocol stack... (uno) |
|
Definition
|
|
Term
| How's generation unit key work |
|
Definition
| RANDOM number and Addr goes into E21, Key comes out |
|
|
Term
| How generation init keys comes |
|
Definition
| Exchange IN_RAND, both devices put the PIN, the IN_RAND and Length of PIN values into E22, get the K(init) - a temp session key |
|
|
Term
| How generation link key works (semi-permanent key) |
|
Definition
| Dev 1 gives LK_RAND(a), Dev 2 gives LK_RAND(b) -> these are sent encrypted with K(init). ADDR, LK_RAND goes into E21 on both devs, this generates LK(a) do the same with the the (b) versions and it gets LK(b) -> This generates K(ab) / K(link) |
|
|
Term
|
Definition
| ADDR(b) send to Dev 1. AU_RAND sent to Dev2. Addr(b), K(link), AU_RAND all go into E1(MAC) and this produces SRES |
|
|
Term
| Generation Encryption key |
|
Definition
| EN_RAND given to Dev 2. EU_RAND, K(link), ACO go into E3. This generates K(c) |
|
|
Term
| Generation key stream works by |
|
Definition
| EN_RAND, ADDR(A), Clock(master), K(c) goes into E0. This generates K(Cipher) |
|
|
Term
| Encryption of data works by using K(Cipher) going in with data. |
|
Definition
|
|
