Perry asked: >Does anyone have good pointers to papers on the security of E0 and the >rest of the stuff used in bluetooth? It all looks very fragile.
Yes and yes. Schneier once described Bluetooth as "an eavesdropper's dream." As you did into this, Perry, you might also want to keep an eye on the evolving draft standards for IEEE 802.15 (Wireless Personal Area Networks), where the consumer electronics giants have apparently demanded a more robust security architecture for the next generation of high-speed low-power piconets. See: http://ieee802.org/15/index.html My Bluetooth reference file, fyi;-) Thomas G. Xydis, Simon Blake-Wilson, Bluetooth Security Experts Group - Feb., 2002 "Security Comparison: Bluetooth Communications vs. 802.11." http://www.bluetooth.com/upload/14Bluetooth_wifi_security.pdf Bluetooth SIG Security Expert Group "Bluetooth Security White Paper," 4/19/02 <http://www.bluetooth.com/upload/24Security__Paper.PDF> Cathal McDaid, 2001 Bluetooth Security, Parts 1, 2, & 3 (Evaluation) http://www.palowireless.com/bluearticles/cc2_security3.asp http://www.palowireless.com/bluearticles/cc2_security2.asp http://www.palowireless.com/bluearticles/cc1_security1.asp Thomas Müller Bluetooth Security Architecture, 1999 <http://www.bluetooth.com/developer/download/download.asp?doc=174> M. Jakobsson and S. Wetzel "Security Weaknesses in Bluetooth" <http:// www. rsasecurity. com/ rsalabs/ staff/ bios/ mjakobsson/ bluetooth/ bluetooth.pdf> S. Fluhrer and S. Lucks "Analysis of the E0 Encryption System" <http:// th. informatik. uni-mannheim. de/ People/ Lucks/ papers/ e0. ps. gz> Träskbäck M, Security in Bluetooth: An overview of Bluetooth security, 2000-11-2 <http://www.cs.hut.fi/Opinnot/Tik-86.174/Bluetooth_Security.pdf> Ullgren T. Security in Bluetooth: Key management in Bluetooth <http://www.cs.hut.fi/Opinnot/Tik-86.174/sectopics.html> B. Miller "IEEE 802.11 and Bluetooth wireless technology" <http:// www-106. ibm. com/ developerworks/ wireless/ library/ wi-phone/> Vainio J., Bluetooth Security, 2000 <http://www.niksula.cs.hut.fi/~jiitv/bluesec.html> Hope these are helpful. Suerte, _Vin * Vin McLellan + The Privacy Guild + <[EMAIL PROTECTED]> * --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]