Since cyber hacking is more of a threat than ever, Robert dives into the Bluetooth Security Manager in Part 6 of his series on Bluetooth. Previously, he wrote about Bluetooth Low Energy protocol in Part 4, and in Part 5, he wrote on GATT for Circuit Cellar's September issue. In this issue, Robert examines attacks on confidentiality, authenticity and integrity and describes ways to combat man-in-the-middle attacks.

Welcome back to the world of Bluetooth. In my previous articles, I presented the overall Bluetooth Low Energy (BLE) protocol. I explained how a BLE connection between two devices can be established ("No Blues with Bluetooth, Part 4: Let's Connect with BLE." Circuit Cellar 409, August 2024) [1] and what kind of information can be exchanged through this connection ("No Blues with Bluetooth, Part 5: GATT explained." Circuit Cellar 410, September 2024) [2].

Do you now have all the information needed to understand BLE? Well, almost. I am sure you remember the BLE protocol stack. If not, just have a look at Figure 1. I already presented all entities on this diagram except one--the Security Manager (SM). As its name implies, it ensures that the BLE communication is "safe," that is, safe enough for a given application.

Cyber hacking is more than a risk, and Bluetooth is now used for a multitude of sensitive applications, so this topic is more than crucial. Next, let's have a look at how security is managed in BLE.

SECURITY RISKS

Before delving into the BLE Security Manager, it may be useful to go back to some security basics. Let's take the example of a door lock that's designed to be opened with your smartphone (Figure 2). For sure, many such products exist on the market. What are the cyber security risks in such a case, especially since a wireless link is used?