Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > REVIEW: "Bluetooth Security", Christian Gehrmann/Joakim Persson/Ben Smeets

Reply
Thread Tools

REVIEW: "Bluetooth Security", Christian Gehrmann/Joakim Persson/Ben Smeets

 
 
Rob Slade, doting grandpa of Ryan and Trevor
Guest
Posts: n/a
 
      07-12-2004
BKBLTSEC.RVW 20040622

"Bluetooth Security", Christian Gehrmann/Joakim Persson/Ben Smeets,
2004, 1-58053-504-6, U$79.00/C$114.95
%A Christian Gehrmann
%A Joakim Persson
%A Ben Smeets
%C 685 Canton St., Norwood, MA 02062
%D 2004
%G 1-58053-504-6
%I Artech House/Horizon
%O U$79.00/C$114.95 617-769-9750 http://www.velocityreviews.com/forums/(E-Mail Removed)
%O http://www.amazon.com/exec/obidos/AS...bsladesinterne
http://www.amazon.co.uk/exec/obidos/...bsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASI...bsladesin03-20
%P 204 p.
%T "Bluetooth Security"

Part one presents the basics of Bluetooth security. Chapter one is an
introduction to the Bluetooth protocol suite (mostly at the packet
level), and also mentions a few security concepts (in a somewhat
haphazard manner). The overview of Bluetooth security, in chapter
two, could be clearer: some minutia (such as the bit lengths of
various components of key generation) obscure the basic concepts,
while other specifics (such as the algorithms used) are missing where
they could support the text. Pairings and key management rely on a
considerable amount of alphabet soup, making frequent references to
the list of acronyms a necessity. The detailed descriptions make the
explanations difficult, but would make cryptographic analysis possible
for the determined reader. The algorithms are laid out in chapter
four: although most are based on SAFER+ the greatest emphasis is given
to the E(0) stream cipher. Chapter five looks at the encryption used
in a broadcast to all members of a piconet. The discussion of
security policy and access control, in chapter six, deals mostly with
the services required, rather than provided. A lot of time is spent
analysing cryptographic strength of the algorithms, in chapter seven,
only to come to the conclusion that the greatest problem lies in
pairing and tracking.

Part two deals with Bluetooth security enhancements, still in
development. Chapter eight discusses anonymity, in terms of varying
the device address to avoid tracking, and the requirements for such a
scenario. Improved key management, using asymmetric encryption or
challenge-response type systems, is considered in chapter nine.
Chapter ten deliberates on refinement of some standard Bluetooth
applications.

Bluetooth security is not well known, despite the proliferation of
Bluetooth enabled devices. While this book has a number of
shortcomings in terms of writing, the material provides an
introduction to a number of important considerations.

copyright Robert M. Slade, 2004 BKBLTSEC.RVW 20040622

--
======================
(E-Mail Removed) (E-Mail Removed) (E-Mail Removed)
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
or mirror http://sun.soci.niu.edu/~rslade/
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Security Educ.: http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to (E-Mail Removed)
or (E-Mail Removed)

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
24 hour Christian Prayer line? Brenda Computer Support 12 06-01-2011 02:57 AM
Quick Christian question anthonyberet Computer Support 40 09-04-2006 12:30 PM
REVIEW: "The Secured Enterprise", Paul E. Proctor/F. Christian Byrnes Rob Slade, doting grandpa of Ryan and Trevor Computer Security 0 09-01-2004 03:32 PM



Advertisments