An Introduction to
the Bluetooth LE
Security Study Guide

My house has locking doors and windows, an alarm system, and several security cameras. I own a baseball bat, but I’m not a fan of baseball.

My garden shed, on the other hand, has a door with no lock and is protected only by the easily climbed fence around my property. It’s counterintuitive, but I consider the security of my shed to be just as fit for purpose as that of my house.

The point is that my shed is sufficiently secure to protect the items it contains, and, as such, its security is fit for purpose. The shed contains little of any value; a broken plant pot, a (presumably) happy family of spiders, and an unidentifiable rusty thing in the corner which has been there since we moved into this house twenty years ago. My house, on the other hand, contains many things and people that I value very much, and so substantially more has gone into its security than that of the shed.

Security and descriptive terms like secure do not, therefore, relate to any form of absolute.

Bluetooth Technology and Security

Bluetooth^® technology is more than twenty years old and 10 million Bluetooth devices currently ship every day. There are many factors which might explain its longevity, but I’m certain that one of them is the way in which Bluetooth technology, driven by the requirements and expertise of Bluetooth SIG member companies, has been continuously evolved to improve it, making it more versatile and more powerful. This includes its security capabilities.

The Bluetooth Core Specification defines a series of security capabilities which include encryption, authentication, and privacy features and various security procedures such as pairing. Profile specifications may mandate or just recommend the use of certain Bluetooth security features in related products.

But much of the philosophy behind Bluetooth^® technology and security has always been to offer the security features as a kind of security tool kit, which the profile designer, product designer, and software developer must select from and use in their product to render its security fit for purpose. This places responsibility on the product manufacturer’s team to do their own assessment of the security issues as they relate to their product, the expected users of their product, and the circumstances in which it will be used.

The level of security which a Bluetooth Low Energy (LE) product may attain, using a stack which is compliant with the latest Bluetooth Core Specification, is considerably higher than that which used to be possible. Bluetooth LE switched to a new and far more secure approach to pairing called LE Secure Connections, in release 4.2, for example. But the higher or highest security attainable requires designers and developers to use the right security features in the most appropriate way.

Ascending the Learning Curve

If you’re new to Bluetooth^® technology and, perhaps, new to security in general, where and how do you start? How do you know what security features Bluetooth technology has and how they relate to commonly understood security concepts and issues? How do you gain an appreciation of how they work and how you might use them in a product?

Until now, the answer has been that you must take a deep breath, dive into the Bluetooth Core Specification, and start reading. But the Bluetooth Core Specification is about three thousand pages long and, whilst there are sections specifically about security, the topic does crop up in many other parts of the specification, which means you’ll need to be thorough in your review of the specification if you want to gain a full appreciation of Bluetooth security. And depending on your start-point, in terms of prior knowledge and experience, the learning curve may appear to be steep. We at the Bluetooth SIG acknowledge that some people may feel they’re climbing a large and difficult mountain.

The Bluetooth Low Energy Security Study Guide

To help you get comfortable with basic security concepts – Bluetooth^® LE security features, what they are, how they work, and when you might use them – we’ve created the Bluetooth LE Security Study Guide. This is not a substitute for the Bluetooth Core Specification, which should always be your reference for any technical questions about how a Bluetooth stack should function. Instead, think of it as providing a series of basecamps and giving you a guided tour up the mountain. Once you’ve worked through some or all of the guide, you’ll find tackling the Bluetooth Core Specification a much less challenging task.

Per the name, the Bluetooth LE Security Study Guide focuses on security as it relates to Bluetooth LE only.

The Bluetooth LE Security Study Guide is modular. If you’re already familiar with security concepts in general, you can skip that section. If you’re already familiar with how LE Legacy Pairing works but want to clarify what LE Secure Connections is about, you can just read that part. You should be able to use this new study guide in a time-saving and efficient way before heading for the appropriate part(s) of the Bluetooth Core Specification.

Who is the Bluetooth LE Security Study Guide for?

The Bluetooth^® LE Security Study Guide is for anyone in any kind of technical role who works with or expects to work with Bluetooth LE. CTOs and product managers will benefit from appreciating the security features that Bluetooth LE defines and understanding the underlying, industry-standard cryptology they are based upon. Technical architects will benefit from a deeper exploration of how these features work, and software developers will have the opportunity to gain some hands-on experience implementing some of the key features through a series of exercises based upon the Zephyr OS and SDK.

The Bluetooth LE Security Study Guide is available for download from the Resources section of bluetooth.com.