A PRESENTATION ON

Presented by

Rajarshi Pal Chowdhury (ECE/06/02)

Pranamita Roy (ECE/06/14)

Dhruba Das (ECE/06/21)

Saptarshi Chakrobarty (ECE/06/23)

MCKVIE
 A PRESENTATION ON

WHAT IS ?
Bluetooth is a wireless protocol for exchanging data over short distances from fixed and mobile devices, creating
Personal Area Networks (PANs). It was originally conceived as a wireless alternative to RS232 data cables. It can
connect several devices, overcoming problems of synchronization. Bluetooth uses a radio technology called
frequency hopping spread spectrum for transmission.in its basic mode, the modulation used is Gaussian frequency-
shift keying (GFSK).It can achieve agross data rate of 1Mb/s and utilizes the secure globally unlicensed Industrial,
Scientific, and Medical (ISM) 2.4 GHz short-range radio frequency bandwidth.

WHY USE ?
1.Connects allwithout wires
2.The technology is inexpensive
3. Its automatic: when 2 devices are in each others range they can start communicating without the user having to
do anything
4. Standardized Protocol guarantees Interoperability. The devices can communicate as long as they have the same
Bluetooth Profile
5. Low Interference because FHSS and low power wireless signal is used
6. Low Energy Consumption
7. Shares all: voice and data
8. Instant Personal Area Network (PAN)
9. The Bluetooth standard is upgradeable and each version is backward compatible
10. The Technology is here to Stay: Bluetooth is a universal, world-wide, wireless standard.It is gaining more and
more popularity everyday

ORIGIN OF
1994  The revolution started by Ericsson
1998  The Bluetooth Special Interest Group {SIG} is formed
5 founding members -Ericsson, Nokia, IBM, Intel & Toshiba
Promoter’s Group - 3COM, Lucent, Microsoft, Motorola
1999  Bluetooth 1.0 specification released
2004  Bluetooth version 2.0 + EDR (Enhanced Data Rate) introduced
2007  Bluetooth Core Specification Version 2.1 introduced

WHY IS IT CALLED ?
The word "Bluetooth" is taken from the 10th century Danish King Harald Bluetooth(Blaatand). King
Bluetooth had been influential in uniting Scandinavian Europe. The founders of the Bluetooth SIG felt the name was
fitting because:
1) Bluetooth technology was first developed in Scandinavia, and
2) Bluetooth technology is able to unite differing industries such as the cell phone, computing, and automotive
2

markets. Bluetooth wireless technology simplifies and combines multiple forms of wireless communication into a
Page

single, secure, low-power, low-cost, globally available radio frequency.

 A PRESENTATION ON

The logo unites the Runic alphabetic characters "H", which looks similar to an asterisk, and a "B", which are
the initials for Harald Bluetooth.

APPLICATION OF
Bluetooth can give you a new kind of freedom. You might share information, synchronize data, access the
Internet, integrate with LANs or even unlock your car - all by simply using your Bluetooth equipped mobile phone.
Bluetooth may be enabled in everything from: Telephones, Headsets, Computers, Cameras, PDAs, Cars, and
Refrigerator etc …

HOW DOES WORK?

Bluetooth is a standard for tiny, radio frequency chips that can be plugged into your devices. These chips
were designed to take all of the information that your wires normally send, and transmit it at a special frequency to
something called a receiver Bluetooth chip. The information is then transmitted to your device.
Pico net and Scatter net
Bluetooth connects devices using a piconet:a piconet is an ad-hoc computer network linking a user
group of devices using Bluetooth technology protocols to allow one master device to interconnect
with up to seven active slave devices (because a three-bit MAC address is used). Up to 255 further
slave devices can be inactive, or parked, which the master device can bring into active status at any
time.
A piconet typically has a range of about 10 m and a transfer rate between about 400 and 700 kbit/s,
depending on whether synchronous or asynchronous connection is used.
A scatternet is a number of interconnected piconets that supports communication between more
than 8 devices. Scatternets can be formed when a member of one piconet (either the master or one
of the slaves) elects to participate as a slave in a second, separate piconet. The device participating
in both piconets can relay data between members of both ad-hoc networks. Using this approach, it is
possible to join together numerous piconets into a large scatternet, and to expand the physical size
of the network beyond Bluetooth's limited range.

Fig:Piconet
3
Page

Fig:Scatternet
 A PRESENTATION ON

Ad hoc networking
These PICONETS are established dynamically and automatically as Bluetooth devices enter and leave the
radio proximity.
Since each Bluetooth device supports both point-to-point and point-to-multi-point connections, several
piconets can be established and linked together ad hoc. The Bluetooth topology is best described as a multiple
piconet structure.
Bluetooth PAIRING
It occurs when two Bluetooth devices agree to communicate with each other and establish a
connection.
To communicate, both devices must be “discoverable”
In advanced settings a PASSKEY needs to be exchanged between the 2 devices.
ARCHITECHTURE

Fig:

There are 7 layers in the IEEE 802.15.1 protocol stack designed for BLUETOOTH. The layers are 
1. Radio Layer 2.baseband layer 3.Link manager protocol 4.Host Controller Interface 5.L2CAP
6.Profiles (RFCOMM, TCS, SDP), & 7. Application Layer.
1. RADIO LAYER
Bluetooth uses bandwidth of 2.4 GHz ISM band divided into 79 of 1 MHz each.
It uses FHSS(Frequency Hop Spread Spectrum) for avoiding interference. Bluetooth hopes 1600
times a second.
It is roughly equivalent to physical layer of the internet model.
To transform bits into signal Bluetooth uses a sophisticated version of FSK, called GFSK (Gaussian
Frequency Shift Keying).
4
Page

Fig:FHSS
 A PRESENTATION ON

2. BASEBAND LAYER
It is roughly equivalent to the MAC sub layer in LANs.
The access technique is TDD-TDMA (Time Division Duplex TDMA).
The communication can be of two ways 1.Single Secondary & 2.Multiple Secondary
PacketsData is transmitted over the air in packets. The symbol rate for all modulation
schemes is 1 Ms/s. The gross air data rate is 1 Mbps for Basic Rate.

3. LMP
LMP is used to for 1.Sending &Receiving data 2.Authentication Purpose 3.Link Setup and
Configuration.
4. HCI
Host controller interface (HCI) is used for accessing the Bluetooth Baseband, Hardware Status,
Control Register.
5. L2CAP(Logical Link Control & Adaptation Protocol)
It is roughly equivalent to LLC sub layer in LANs.
The main functions of L2CAP are
1. Multiplexing
2. Segmentation and reassembly of packets
3. Maintain QoS (quality of service)
4. Group Management
Two kinds of links are supported by L2CAP, SCO(Synchronous Connection oriented),
ACL(Asynchronous Connectionless Link )
6. Profiles
This layer comprises of 1.RFCOMM(Radio Frequency Communication) 2.SDP(Service Delivery
Protocol) 3.TCS(Telephony control service)
7.
APPLICATION LAYER
It is used for transferring E-MAIL, files etc.
It uses different protocols like PPP (Point to Point Protocol), FTP (File Transfer Protocol) etc.
FRAME FORMAT
A frame in the baseband layer can be of three types : one slot,three slot and five slots.A slot is of 625
µseconds.259 µsec is needed for hopping and control mechanisms.Therefore a one slot can last
only for 366µs.The bandwidth is 1 MHz . Similarly a 3 slot can last for 3*625-259µs=1616µs.
A five slot can last for 2866bits.
The frame has following formats:

ACCESS CODE:This 72 bit field normally contains synchronization bits and the identifier of the
primary to distinguish the frame of one piconet to another piconet.

HEADER: This 54 bit field is a repeated 18 bit field. Each pattern has the following subfields.

1) ADDRESS: The 3 bit address subfield defines upto seven secondaries.If it is 0 it is ysed for
broadcast communication.

2) TYPE: The 4 bit type subfield defines the type of data.

5

3) F: This 1 bit subfield is for flow control. When ‘set ‘ it indicates that the device is unable
Page

to receive more frames.

 A PRESENTATION ON

4)A: This 1 bit subfield is for acknowkedge .Bluetooth uses Stop and wait ARQ.1 bit is
sufficient for acknowledgement.

5)S: This 1 bit subfield holds a sequence number.

6)HEC: The 8 bit header error correction subfield is achecksum to detect errors in each 18
bit header.

PAYLOAD: This subfield can be 0 to 2740 bits long.It contains data or control information coming
from the upper layers.

Fig:Frame Format

Fig:Header subfields

STATE DIAGRAM ILLUSTRATING THE DIFFERENT STATES USED IN THE LINK CONTROLLER

The figure below shows a state diagram illustrating the different states used in the link controller. There are
three major states: STANDBY, CONNECTION, and PARK; in addition, there are seven substates, page, page scan,
inquiry, inquiry scan, master response, slave response, and inquiry response. The substates are interim states that
are used to establish connections and enable device discovery. To move from one state or substate to another,
either commands from the link manager are used, or internal signals in the link controller are used (such as the
trigger signal from the correlator and the timeout signals).
6
Page
 A PRESENTATION ON

TECHNICAL SPECIFICATIONS

Bluetooth uses the microwave radio frequency spectrum in the 2.4 GHz to 2.4835 GHz range. Maximum
power output from a Bluetooth radio is 100 mW, 2.5 mW, and 1 mW for Class 1, Class 2, and Class 3 devices
respectively, which puts Class 1 at roughly the same level as mobile phones, and the other two classes much lower.

SECURITY:
SECURITY THREATS IN Bluetooth:

The hazards in pairing two Bluetooth devices.

The viruses that flows through Bluetooth networks.
Different modes of Hacking and eavesdropping in Bluetooth enabled devices.

DIFFERENT KINDS OF HACKING ATTACKS ARE AS FOLLOWS:

1)Inquiry Attack:
In this scenario the attacker has distributed one or more Bluetooth devices throughout a region in
which he wants to get access to. Suppose the victim is in discoverable mode, in this case the attacker can
simply interrogate the area by sending inquiry messages and a log of device addresses are made. This data
can be correlated to know the exact position and movements of the victim.
2)TRAFFIC MONITORING ATTACK:
This attack succeeds even if the victim’s device is in non discoverable mode.The attacker simply
monitors the maximum traffic.And locates the master device. The address of the master device can be
accessed by the CAC address.
3)PAGING ATTACK:
In this method the attacker previously know the addresses.They just enquire that whether the
devices are present in nearby or not .And the devices are hacked.
4)FREQUENCY HOPPING ATTACK:
7

The frequency hopping scheme in Bluetooth is determined by a repeating hopping sequence.The

Page

hopping calculated from different input parameters , such as an address and the master clock.
 A PRESENTATION ON

BLUETOOTH SECURITY CONCERNS

What is Bluejacking?

Bluejacking allows phone users to send business cards anonymously to one another using Bluetooth
technology. Bluejacking does NOT involve any altercations to your phone's data. These business cards
usually consist of some clever message or joke. Bluejackers are simply looking for a reaction from the
recipient. To ignore bluejackers, simply reject the business card, or if you want to avoid them entirely, set
your phone to non-discoverable mode

What is Bluesnarfing?

Bluesnarfing refers to a hacker who has gained access to data, which is stored on a Bluetooth
enabled phone. Bluesnarfing allows the hacker to make phone calls, send and receive text messages, read
and write phonebook contacts, eavesdrop on phone conversations, and connect to the Internet. The good
news is, bluesnarfing requires advanced equipment and expertise or requires the hacker to be within a 30 ft.
range. If your phone is in non-discoverable mode, it becomes significantly more difficult for hackers to
bluesnarf your phone. According to the Bluetooth SIG, only some older Bluetooth enabled phones are
vunerable to bluesnarfing.

What is Bluebugging?

Bluebugging refers to a skilled hacker who has accessed a cell phone's commands using Bluetooth
technology without the owner's permission or knowledge. Bluebugging allows the hacker to make phone
calls, send messages, read and write contacts and calendar events, eavesdrop on phone conversations, and
connect to the Internet. Just like all Bluetooth attacks, the hacker must be within a 30 ft. range. Bluebugging
and bluesnarfing are separate security issues, and phones that are vulnerable to one are not necessarily
vulnerable to the other.

BLUETOOTH VIRUSES

• Like Other wireless technologies Bluetooth is also vulnerable to viruses.

• The first Bluetooth virus was CABIRA.
• The viruses can spread through text messages, MMS etc.
• They usually delete database, change the passkeys and drain batteries.
PROCEDURES FOR PROTECTING BLUETOOTH DEVICES

1.Non-Discoverable Mode
• To prevent others from seeing your device, you can set it to a non-discoverable mode. You can still use
your Bluetooth services, like talking on a headset, but your device will not be found by other Bluetooth
devices.
2>Only Pair with Known Devices
• Don't "pair" with unknown devices. Just like you would not open your door to a stranger, do not accept
content or pair with devices from unknown users.
3>Change your PIN
• Pair your device in private to make the permanent connection. And if your device comes with a default
Personal Identification Number (PIN), change it to only one you know.
IMPLEMENTING SECURITY
• Developers that use Bluetooth wireless technology in their products have several options for
implementing security. And there are three modes of security for Bluetooth access between two
devices.
8

• Security Mode 1: non-secure

Page
 A PRESENTATION ON

• Security Mode 2: service level enforced security

• Security Mode 3: link level enforced security
• The manufacturer of each product determines these security modes. Devices and services have
different security levels. For devices, there are two levels: "trusted device" and "untrusted device." A
trusted device has already been paired with one of your other devices, and has unrestricted access to
all services.

FUTURE OF
Master Slave relationship can be adjusted dynamically for optional resource allocation.
Adaptive closed loop power transmit control can be implemented to further reduce unnecessary usage.
Bluetooth and Wi-Fi technology will be used in a single device. In short range it will switch to Bluetooth.
The battery life will be almost 1 year.
The alliance of Bluetooth with UWB will make the data transfer rate faster up to 480Mbits/sec. This new
version can also be used multi media projectors, T.V and in wireless VOIP technology.
On march 2009 the Wimedia alliance announced its collaboration with the SIG. that will enhance the
performance of Bluetooth
The next version of Bluetooth code named SEATTLE (3.0) is most notable to adopt UWB technology, enabling
a high transfer rate on the very low power idle mode.

CONCLUSION
The possibilities of Bluetooth technology are almost limit less. There is no scope of discussing all the aspects
of it in this limited space. It is already one of the most popular technologies of all time. And looking at its growth and
endless scopes, one can say, this technology is definitely here to stay.

~*~

Sources consulted
http://www.bluetooth.com
http://en.wikipedia.org
http://www.about.com
http://www.bluetomorrow.com
BOOK: Data Communication and Networking by B.A.Forouzan
9
Page