Miniaturization of electronic devices and advancements in battery technology encourage proliferation of wireless protocols, such as Bluetooth and ZigBee, for connecting electronic devices within personal area networks. Bluetooth, for example, is a protocol standard for short-range wireless connectivity between diverse types of devices, such as cellular phones, headsets, Internet-controlled thermostats and security systems, computer mice and keyboards, stereo speakers, baby monitors, and the like. It utilizes the unlicensed Industrial, Scientific and Medical (ISM) 2.4 GHz radio frequency band and a frequency-hopping spread spectrum (FHSS) method of transmission. Bluetooth has many applications, such as controlling devices where infrared technology was previously used, and represents an attractive means of communication because of its implemented security measures.
In any wireless setup, security is a concern because radio-wave transmissions can be intercepted. Some wireless protocols, such as Bluetooth, guard against this type of attack by limiting sensitive personal communications to trusted devices. A bond is established with a trusted device by sharing a private key that is used to encrypt transmissions. When bonding is completed, the paired devices can exchange data without asking permission.
The process of establishing a trusted pair comes with the price of being a potentially burdensome procedure, especially for a user who is not technically inclined. Additionally, it provides only limited security against particular types of attacks. One such attack is the man-in-the-middle attack, which occurs when a user wants to connect two wireless devices but unknowingly connects to a third (attacking) device. The third device is electronically transparent and eavesdrops on communications it relays back and forth between the compromised devices that share the illusion they are directly connected to one another. Additionally, the third device has the ability to pass its own data (e.g., commands) to the compromised devices and potentially cause damage.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help to improve understanding of embodiments of the present invention. In addition, the description and drawings do not necessarily require the order illustrated. It will be further appreciated that certain actions and/or steps may be described or depicted in a particular order of occurrence while those skilled in the art will understand that such specificity with respect to sequence is not actually required.
The apparatus and method components have been represented where appropriate by conventional symbols in the drawings, showing only those specific details that are pertinent to understanding the embodiments of the present invention so as not to obscure the disclosure with details that will be readily apparent to those of ordinary skill in the art having the benefit of the description herein.