Bluetooth® is a protocol for short-range wireless communication. Bluetooth® technology has been integrated into many types of business and consumer devices, including bar code scanners, cell phones, laptops, keyboards, mice, headsets, automobiles, medical devices, etc. This allows users to form ad hoc networks between a wide variety of devices to transfer voice and data.
Bluetooth® specifications define security mechanisms for protecting communications between Bluetooth® devices. In accordance with these security mechanisms, trust between two Bluetooth® devices is created via a pairing procedure. The purpose of the pairing procedure is to create a common shared secret, called a link key, between the two devices.
Currently available Bluetooth® specifications specify several different pairing procedures. For devices that operate in accordance with Bluetooth® v2.0 (or earlier), pairing between two Bluetooth® devices requires both Bluetooth® devices to enter a personal identification number (PIN), and pairing is successful only if both devices enter the same PIN.
Bluetooth® v2.1 (and later) allows the use of Secure Simple Pairing (SSP) for link key establishment. SSP provides a number of association models that are flexible in terms of device input/output capability. SSP also improves security through the addition of Elliptic Curve Diffie-Hellman (ECDH) public key cryptography for protection against passive eavesdropping and man-in-the-middle attacks during pairing.