Bluetooth Security The way that the Bluetooth Radio system is used in mobile devices and the type ofdata carried on these devices (e.g., a corporate mobile computer) makes security anextremely important factor. While most wireless systems will claim that being a spreadspectrum radio provides security, the volumes projected for Bluetooth radios eliminatethis barrier. As such, link layer and application layer security are part of the basicBluetooth radio requirements. At a link layer, the Bluetooth radio system providesAuthentication, Encryption, and Key Management of the various keys involved.Authentication involves the user providing a Personal Identification Number (PIN) thatis translated into a 128-bit link key that can be authenticated ina one or two-waydirection. Link layer securityy architecture The link layer security architecture provides a number of authentication schemes anda flexible encryption scheme that allows radios to negotiate for key length. This isimportant, as radios from different countries will be talking to each other. Securitypolicies in these countries will dictate maximum encryption key lengths. Bluetoothradios will negotiate to the smallest common key length for the link. The Bluetootharchitecture also supports authorization of different services to upper software stacks.For example, when two computers have created a Bluetooth link to exchange businesscards, authorization must be created to extend these services The Bluetooth securityarchitecture relies on PIN codes for establishing trusted relationships between devices.
While not practical to go through all the combinations of uses of PIN codes, it shouldbe noted that once a trusted pairing is established between devices, these codes canbe stored within the device to allow more automatic/simple connections. The key toBluetooth simplicity will be establishing the trusted relationship between commonlyused devices.