WIDCOMM BT link keys - where are they?

"Shevek" <shevekFOADSPAMMERS@FOADSPAMMERSmoldy.me.uk> wrote in message
news:hv79j097a75s2rdm1gjj3bbgcqp4k9h5pu@4ax.com...
> On Tue, 31 Aug 2004 12:23:51 +0200, Pawe³ Kraszewski
> <Pawel_Kraszewski@wp.pl> wrote:
>
> >Hello!
> >
> > I have a dual boot system - Linux plus Windows. I bought X-Micro BT USB
> >dongle and it works like a charm. Both in Windows and Linux.
> >
> > Here comes the problem - link key for paired devices is kept in the OS.
So,
> >if I pair the phone under Windows I lose pairing in the Linux and
> >vice-versa. My idea is to grab the key from Windows and inject it into
> >Linux.
> >
> > Moreover - I use the same dongle in a few computers, each time I need to
> >re-pair device due to key mismatch. Copying of the key should solve the
> >problem.
> >
> > Is it possible?
> >
> > Best regards,
>
> I have a similar problem in that I use the same BlueTooth dongle on
> two computers.
>
> As long as your BT software on all OS/Systems has the same BT name and
> you use the same pairing passkey then it should work fine without the
> need to re-pair.
>
> Pairing is based on the MAC address of the device, in this case the
> dongle's MAC address to the phone's MAC address.
>
> As far as the phone is concerned it is connecting to the Dongle not
> the computer so as long as bt name and passkey are the same, it should
> work... Does for me!
>

Interesting. It doesn't work for a lot of people and was understood that
pairing information had key + MAC + other random information.


--
Mauricio Freitas, Microsoft MVP Mobile Devices
Bluetooth guides: http://www.geekzone.co.nz/content.asp?contentid=449
Performance Centre (Pocket PC reviews):
http://www.geekzone.co.nz/content.asp?ContentId=2028
Handango discount: http://www.geekzone.co.nz/handango_code.asp

Moin,

Am Wed, 1 Sep 2004 07:38:25 +1200 schrieb Mauricio Freitas:

> Interesting. It doesn't work for a lot of people and was understood
> that pairing information had key + MAC + other random information.

It has. See Bluetooth Core Specification v1.2 Volume 2, Part H. In
Section 3.1 the four types of link keys are listed: combination key,
unit key, temporary master key and initialization key. Section 3.2
details their generation:

The initialization key takes the BD_ADDR, the PIN and a random number.
The unit key takes the BD_ADDR and a random number.
The combination key takes both BD_ADDR's and two random numbers.
The temporary master key even takes three random numbers.

So if someone can use the same devices on different systems without
re-pairing several things could be happening:
1. their stack is extremely broken and generates bad random numbers
2. their stack is extremely clever and saves the PIN to transparently
re-pair
3. their stack is storing the combination or unit key somewhere on
the bluetooth device
4. the other device has enough memory to store several combination keys
for one peer (and does so)
5. the other device is using a unit key which all systems stored

Number 3 is (more or less) what Pawel wants to do. I don't think anybody
in his or her right mind would do 2. I believe what Shevek sees is 5 (or
less likely 4 or 1).

A note on 5: "the use of unit keys is deprecated since it is implicitly
insecure" (from section 3.1).

--
Henryk Plötz
Grüße von der Ostsee
~~~~~~~ Un-CDs, nein danke! http://www.heise.de/ct/cd-register/ ~~~~~~~
~ Help Microsoft fight software piracy: Give Linux to a friend today! ~

Henryk Plötz wrote:

[cut]

Thank you for competent answer!

Well, I understand BT cryptography as this (key names are my own, they
correspond to the ones specified by Henry):

1. Two devices are unpaired, never seen each other before
2. Before "pairing", during "discovery" they learn each other's MAC (or
whatever the unique ID is called in BT)
3. During "pairing" they use PIN, MAC and some random data to generate
"pairing key", confirming, that device is paired to the other. This key is
stored on the both devices. On computer-side I guess it is stored on the
harddisk rather than in the BT USB dongle. It is at least for Linux BlueZ
driver.
4. "pairing key" is used to generate "session key" for each subsequent
connection.

Paired device recognizes its counterpart by MAC and "pairing key". Mismatch
on MAC and key requires re-pairing.

So, if I pair my mobile with my computer at home via BT dongle and than take
mobile _and_ dongle to my work, the mobile doesn't see the change (MAC of
the dongle hasn't changed), but "pairing key" on work PC doesn't match one
expected by mobile. After I re-pair, everything is OK until I get home.

But - if I move "pairing key" _with_ the dongle, the mobile won't notice,
that the computer it is connecting to has changed. Therefore I won't need
to re-pair mobile at work. It will still think it's at home

So - where might I find that "pairing key" (this probably be the "unit key"
in Henry's note) in WIDCOMM software???? This would be something like
cloning of the BT device identity...

Best regards,

--
Pawel Kraszewski

In <news:ch5emi$epc$1@nemesis.news.tpi.pl> Pawe³ Kraszewski wrote:
> [...] So - where might I find that "pairing key" (this probably be the
> "unit key" in Henry's note) in WIDCOMM software? [...]

Yes, though some substantial info was given in this thread (tnx!), the
initial question is still open and I'm also interested to find the saved key
on the Widcomm side. So if anybody knows where to fnd it, please let us
know, too.

My reason is similar to Pawels, but I'm intending to use it on the same PC
and OS, but with a different 'user'. Here's some background why:

I'm not starting the Widcomm device drivers with the user logon, but already
with the start of the PC (XP). This is done by starting the BTstackserver
via the Scheduled Task manager under my user account and pwd with the option
at startup. Thou pairing of the devices has to be done in a normal
operational mode with having the GUI enabled prior to this.

So this give me the option e.g. to surf the web with my Palm even though I
aven't logged on to my PC, yet. (Having the devices paired is security
enough IMHO.)

The disadvantage is that as soon as I change my password I also have to
change it in the Schedule Task job. So my idea was attach the BTstackserver
service not to my account, but to e.g. Windows "System" account. As said
before, the initial pairing has to be done with the GUI enabled, but I can't
do this as the "System" user.

So I also was looking to move my account's key into the area for the
"System" user.
--
tnx
Oliver

Hi everyone.
I am new here my web http://www.istockvanities.com have a nice community.
I want to make some friends.
Thanks.

I am looking for some sites which are interested in some
link or banner exchange with my http://www.istockvanities.com
I have already couple friends
Thanks.