The History of Bluetooth

A long time ago (historians differ on the exact dates, but it was sometime in the 10th Century C.E.) in a country far, far away, (which was mostly Denmark, with a little bit of Norway added in for flavor,) there lived a Viking king who was principally noted for converting to a foreign religion called Christianity. He was known as Harald Bluetooth, son of Gorm the Old, and he united most of Denmark before his estranged son, Sven Forkbeard, sent him to Valhalla and took over the family business.

A little more than 1000 years later, succumbing to an attack of Scandinavian pride, the giant Swedish telecom manufacturer Ericsson decided to honor old, weird Harald by naming its new wireless networking standard after him. It convinced founding Special Interest Group co-partners Nokia, Toshiba, IBM and Intel that Bluetooth was the right name for the thing and, together, they set off to conquer the air.By December 1, 1999, 3Com, Lucent, Microsoft and Motorola had joined the Promoter Group — the folks that were willing to spend money to hype the standard — and in the neighborhood of 1200 other companies had joined the SIG. (Signing up for membership costs nothing, so it isn’t exactly an exclusive club.) Between them, they manged to generate a lot of coverage about Bluetooth in the trade press.

Since the computer trade press mainly consists of English and journalism majors with no hands-on technical background, most of whom make a living re-wording press releases, the fanfare meant very little, however. Meanwhile, actual consumers waited for actual products actually to emerge.

As is often the case with consortium-driven standards — even “open” ones like Bluetooth — that took a while. And, as is also often the case, the majority of the early products were aimed not at consumers, but at developers.

While the world waited, grass-roots programmers and engineers began playing with a brand new wireless standard: an offshoot of good, old Ethernet called 802.11b. Like Bluetooth, it used the unlicensed 2.4 – 2.48GHz portion of the radio spectrum, so 802.11b products would work anywhere on the planet without any special license from the local authorities. And it was fast — much faster than Bluetooth’s nominal 1Mbps — and it had about 10 times the range that Bluetooth’s Class 3 devices could boast.

Time passed and soon it was 2001, the beginning of a brand-new millenium. The clumsy-sounding 802.11b moniker had since been supplanted by the less-tongue-twisting name “Wi-Fi” and the cost of its hardware was plunging like a dotcom stock option.

The world was still waiting for Bluetooth — and, to its SIG partners’ dismay, Microsoft announced that the initial release of its forthcoming Windows XP would not include Bluetooth support.

Microsoft’s stated reason for omitting the Viking technology from the next release of its flagship OS was the lack of a critical mass of Bluetooth-enabled devices demanding Windows support. That basically translated to the Redmond behemoth simply acknowledging a conspicuous worldwide lack of user demand for the namesake of Gorm the Old’s son.

That’s not the only problem with Bluetooth, however.

The Unfaithful Servant
First of all, there’s the issue of cost. The low end of the cellular phone hardware market is savagely price-competitive and Bluetooth silicon is still much too expensive to be included in the “gimme” phones that entice a substantial segment of cellular consumers to take the plunge. That creates a chicken-or-egg conundrum, since Bluetooth must become ubiquitous in order to achieve the enconomies of scale that would make it affordable to average consumers — but first it must universally be adopted in order to achieve those very economies of scale.

Then there’s the question of Bluetooth’s security — or, more properly, the gaping holes therein.

Although some have tried to wish the problem away, others have taken a more skeptical view of the fundamental weaknesses in Bluetooth’s PIN-based generation of a device’s initialization key. Juha T. Vainio of the Helsinki University of Technology’s Department of Computer Science and Engineering quite rightly points out [4] that a 4-digit PIN offers only 10,000 total possible combinations — making 4-digit PINs highly susceptible to brute-force cracking techniques — and the problem is further exacerbated by the well-known user laziness factor that results in a large number of 4-digit PINs being set to 0000.

There’s also the possibility that one Bluetooth device may use its exchange of unit keys with a second device and third device to eavesdrop on their “private” conversation — or even falsely to authenticate itself to the one, masquerading as the other.

That’s because, when the first two devices exchange unit keys, they can “decide” to use one or the other as a shared “secret” to generate their link key. When a third device then enters into a key exchange with the second device, and also opens a session with the first device, it reveals its unit key to both. The first device now knows both of the others’ “secrets” — and their entirely-public 48-bit BD_ADDRs — and it’s also synched to the same master clock. Now, merely by faking one of the other box’s BD_ADDR, it can generate the public keys necessary to listen in on its two neighbors’ “private” traffic. Assuming that the first device can eavesdrop on their conversations, it can also authenticate itself as either device to the other, since that imposture requires no additional data.

The above problem is more than simply theoretical. Bell Labs scientists Marcus Jakobsson and Susanne Wetzel demonstrated exactly that scenario in the lab, as ZDnet reported on the 8th of September, 2000.

Leave a Reply

Translate »