3

In the Bluetooth core document, there are various Association Models, I'm trying to understand Numeric Comparison, where both devices are capable of showing a six-digit number (which I will call the PIN, although apparently they don't like that terminology).

The paragraph in section 5.2.4.1 of v4.2 says this:

The numeric comparison serves two purposes. First, since many devices do not have unique names, it provides confirmation to the user that the correct devices are connected with each other. Second, the numeric comparison provides protection against MITM attacks

I definitely understand the user confirmation part, but how does the PIN help guard against MitM?

I think the answer lies in this paragraph:

In the Numeric Comparison association model, the six digit number is an artifact of the security algorithm and not an input to it, as is the case in the Bluetooth security model

but I have no idea what that means.

Betty Crokker
  • 155
  • 1
  • 8

1 Answers1

2

This is for BT pre-4.0:

It meas that the conversation between the 2 devices when generating the initialization key does not contain the PIN in clear text, the PIN is used in a function like this (pseudo-code):

GenerateKey(PIN, sizeof(PIN), RAND, D_ADDR)

Where:

RAND: A 128-bit ~random number generated by the device (by software).

D_ADDR: Device address, it is a unique 48 bit sequence. (IEEE).

It returns:

A 128 bit initialization key via shifting and xors (Linear feedback shift registers, the output is combined by a state machine)

Both devices will share this initialization key, which they use as their temporary link key and will be discarded after the success of the interchange.

For more technical details, check this presentation from the course CSE446 (Software for Embedded Systems, University of Washington), it goes from higher to lower level explaining all this.

jmingov
  • 844
  • 5
  • 11
  • 1
    That presentation refers to the Bluetooth 1.1 spec, so I'm suspecting that your answer refers to the pre-4.0 Bluetooth security. The quote from the v4.2 spec specifically says that the PIN is _not_ an input into the security algorithm. – Betty Crokker Feb 23 '17 at 21:59
  • You are right @BettyCrokker, after doing a little bit more research, i saw that now it uses DiffieHellman and publick keys, as you can see in the pick of the section 5.2.4.5 Association Model Overview of the spec. This is a crypto question, already ansewered here: http://crypto.stackexchange.com/questions/37853/how-does-bluetooth-pairing-ssp-with-numeric-comparison-work/39352 – jmingov Feb 23 '17 at 22:29
  • 1
    Excellent, that's exactly what I was looking for! – Betty Crokker Feb 23 '17 at 22:50