Cracking the Bluetooth PIN

Yaniv Shaked*, Avishai Wool

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

122 Scopus citations

Abstract

This paper describes the implementation of an attack on the Bluetooth security mechanism. Specifically, we describe a passive attack, in which an attacker can find the PIN used during the pairing process. We then describe the cracking speed we can achieve through three optimizations methods. Our fastest optimization employs an algebraic representation of a central cryptographic primitive (SAFER+) used in Bluetooth. Our results show that a 4-digit PIN can be cracked in less than 0.3 sec on an old Pentium III 450MHz computer, and in 0.06 sec on a Pentium IV 3Ghz HT computer.

Original languageEnglish
Title of host publicationProceedings of the 3rd International Conference on Mobile Systems, Applications, and Services, MobiSys 2005
Pages39-50
Number of pages12
DOIs
StatePublished - 2005
Event3rd International Conference on Mobile Systems, Applications, and Services, MobiSys 2005 - Seattle, WA, United States
Duration: 6 Jun 20058 Jun 2005

Publication series

NameProceedings of the 3rd International Conference on Mobile Systems, Applications, and Services, MobiSys 2005

Conference

Conference3rd International Conference on Mobile Systems, Applications, and Services, MobiSys 2005
Country/TerritoryUnited States
CitySeattle, WA
Period6/06/058/06/05

Fingerprint

Dive into the research topics of 'Cracking the Bluetooth PIN'. Together they form a unique fingerprint.

Cite this