1. IPv6 over Bluetooth:Security Aspects,Issues
and its Challenges
J.Hanumanthappa1
,Dr.Manjaiah.D.H.2
1
Teacher Fellow,Dos in Computer Science, University of Mysore, Manasagangothri, Mysore,
Phone No: +91821-2419552; Fax: +91821-2510789; Email:hanums_ j@yahoo.com
2
Reader, Mangalore University, Mangalagangothri, Mangalore,
Fax: 091- 0824 – 2287670 (o) / 2288973 (r) 2287424 (fax);Email:ylm321@yahoo.co.in
Abstract
Bluetooth is a recently proposed standard communications protocol for wireless personal area networks and it has
become a defacto standard for short range ad-hoc radio connections.Security concern is one of the important
problems delaying the mass adoption of Bluetooth and IPv6.This paper focuses study on security issues, security
aspects of IPv6 over Bluetooth security mechanisms.It presents the security issues in various circumstances, and
challenges arising from the integration of Internet ,IPv6 over the short range wireless communicating protocol called
Bluetooth.Its explains briefly an overview of Bluetooth and describes some of the major issues that need to be
addressed,if it is to be successful as a wireless networking technology.After an overview of general Bluetooth
protocol a security frame work is introduced for the description of Bluetooth security paradigm, then both link level
and service level schemes are discussed in detail on the basis of paradigms.It also explains how to analyze what are
the various drawbacks of Bluetooth security issues over IPv6 security issues.
Keywords :-Bluetooth, IPv6 Security, IPSec etc.
1. Introduction
Interoperation of wireless standards and Internet protocols based services represents one of the main evolution in
next generation of new services.The evolution in wireless networks has lead to wide variety of internet and wireless
applications.
Internet Protocol standards like IPv4 and IPv6 respectively the former and next generation of prominent Network
protocols.Therefore integration of IPv6 and Bluetooth seems to be an interesting objective to conceive for next
generation for next generation services of wireless networks.Further more the growth in Wireless networks, predicts
an increasing role of wireless communication techniques in the future and consequently, Security is taking an
important role in next generation services. Future evolution on portability and security has also effects on the use
and performance of Internet Protocols.IP-Sec in IPv6 offers solution to handle security at a network layer protocol.
Usually Bluetooth consumes a low power, cost effective, globally available, ease of use, applicable to wide range of
devices[1][2].
In this paper, we present the security issues and the challenges of the integration of the new version of the Internet,
IPv6 and the Standard communication protocol for wireless personal area networks.A complete architecture is
presented, for which any security scenario is depicted from one designed technology to another design technology.
New Security Solutions are developed and their enhancements are suggested in order to optimize such mechanisms.
We know that Bluetooth is a new technology named after the 10th
century Danish king Harald Bluetooth is standard
proposed for local wireless communication and is becoming hotter and hotter a topic. The primary goal of Bluetooth
is a cable replacement protocol for wireless connectivity.The Bluetooth system operates in the worldwide unlicensed
2.4 GHz ISM frequency band and employs Frequency Hopping (FH) technique in which the carrier frequency is
changed at every packet transmission.To minimize complexity and to reduce the cost of the transceiver, a simple
binary Gaussian frequency shift keying modulation is adopted. A diverse set of wired and wireless devices are
Bluetooth connectable including office appliances : for example laptops, PDAS, printers, projectors, desktop PC’s,

2. communication appliances like mobile phones, speakers ,headsets etc, home appliances: for example DVD players,
digital cameras etc. Bluetooth is not only applicable for all these applications , in one single statement Bluetooth is
fit for all sorts of applications like wireless office , electrical paying , meeting room , intelligent parking ,banking
,insurance sectors etc.
Any Bluetooth device can be either a master or a slave depending on the application scenario. Two or more
Bluetooth units sharing a same channel form a piconet. Within a piconet a Bluetooth unit can act like a slave unit or
a master unit. For multiple Bluetooth devices to communicate, they must all synchronize to the same hopping
sequence. The master sets the hopping sequence and slaves synchronize to the Master piconet is formed by a master
and upto seven active slaves. A Scatter net can be formed by linking two or more piconets.when a device is present
in more than one piconet then it must time share and synchronize to the master of the piconet with which it is
currently communicating. The topology and hierarchical structure of wireless local area networks are relatively
simple, however Bluetooth networks are diverse and dynamic in nature.
Bluetooth was developed by Bluetooth Special Interest Group (BSIG) formed in may 1998.Intel, IBM, Nokia,
Toshiba have become the founding members of BSIG. All most all of the biggest telecom companies like Motorola,
Lucent have joined the BSIG.
This paper is organized as follows. We briefly described the salient features of the security issues of Bluetooth
technology in Section 2.We describe Internet over IPv6 security in section 3.We discuss IPv6 Security aspects over
Bluetooth Security aspects in Section 4 and briefly review the existing research in section 5.We describe our
research approach in overcoming these challenges and provide some initial results in section 6 and 7.Finally we
conclude paper in section 8.
2.Context and Motivations
2.1. Importance of Security in Bluetooth
2.1.1. Security Issues of Bluetooth
The various Security issues related to Bluetooth are mentioned as follows:
1.The data is transmitted in clear unless encryption is selected.
2. Information can be stolen by using Bluetooth to transfer it.
3. Denial of Service attacks can be performed on Bluetooth devices.
4. Transmission of malware (viruses or worms) over Bluetooth is possible. Bluetooth worms already exist.
5. Services using Bluetooth are susceptible to the same vulnerabilities as any other standard services.
Security support in Bluetooth represents an important parameter for the deployment of this technology. Security for
wireless is provided on the various wireless links, in other words, link encryption and authentication may be
provided, but true end to end security is not possible without providing higher layer security solutions on top of
Bluetooth’s Radio standard and a communication protocol like Bluetooth specification which supports for following
three important basic security services.
1. Authentication-The aim of Bluetooth is to identify various communicating devices. It gives an abort message
when a device cannot authenticate properly.
2. Confidentiality-Another important security goal of Bluetooth is confidentiality.
3. Authorization-Third goal of Bluetooth is a security service developed to allow the control of resources.
Security has played an important role in the invention of Bluetooth. The Bluetooth secure technology provides more
security because of its BSIG.Generally the security aspects of Bluetooth are broadly divided into three modes.
1. Non Secure, 2.Service level enforced security, 3.Link level enforced security.
2.2.Next Generation IP Networks: IPv6
IPv6 is the new version of IP which is designed to be an evolutionary step from IPv4.There is numerous reasons
could be appropriate to the next generation of networks. It solves the internet scaling problem, provides flexible
transition mechanisms for the current internet, and was designed to meet the needs of new market such as nomadic
computing devices, network entertainment and device control. It provides these features in an evolutionary way
Which reduces the risk of architectural problems [1].

3. The advantages of incorporating IPv6 support in an interactive Bluetooth communication protocol are mainly
focused on
1. Bluetooth and IPv6 Protocol form a great team to create an “always-on” world.-The IPv6 will enable us to
connect everyone and everything to the internet, allowing real two way internet connectivity, similar as offered
today by the phone system.
2. In general terms, Bluetooth technology has a good support of IPv6 protocol.
3. IPv6 will allow to develop new applications in very different and new areas like VOIP, 3G, 4G mobile phones,
Home networks, Car-2-Car, IP mobility etc.
3.Internet over IPv6 Security
During the last years it became clear, that good and standardized security mechanisms will be the requirement for
the further success of the Internet. Many security mechanisms had to be implemented to ensure security for
important data transfers via the Internet.SSL on base of the HTTP protocol or SSH as a replacement for the insecure
telnet service are the most famous examples of security add-ons which were invented to make insecure services
usable again. All of these security mechanisms have one thing in common; they are implemented on the Application
Layer written for a special kind of application, using a special more or less secure encryption or authentication
method.
IP-Sec takes a different approach in implementing security. It implements security on top of the network layer, thus
enabling all services working on top of IP to automatically use it’ security mechanisms [18].
3.1. Attacks on Internet Services.
There are basically three types of security threats on internet services, Disruption of Service or Denial of Service
attacks, Fabrication, Modification or Deletion of Information, Electronic Eavesdropping Passive attacks [18].
Figure 1.Types of Attacks
1. Disruption of Service or Denial of Service attacks:
This kind of attack stops services from running normal by stopping, overloading or simply
Destroying them. They are easily detected cause they have an immediate and noticeable impact.
2. Fabrication, Modification or Deletion of Information:
These attacks are not easily detected and are characterized by infiltrating false information
in payment systems, email or any other trusted communication.
3. Electronic Eavesdropping:
It’s a type of passive attacks.This are usually impossible to detect and in a Internet
Impossible to prevent.Ex: Snipping IP traffic.
3.2. Common attacks on IPv6
We know that IPv6 cannot solve all the types security problems. Basically IPv6 cannot prevent any attack on layers
above the network layer in the network protocol stack. The list of IPv6 attacks that cannot be prevent are mentioned
as follows.
1.Application Layer Attacks,2.Brute-force attacks and password guessing attacks on authentication
modules,3.Rogue Devices, Denial of Service, Social attacks: such as email spamming, phishing, etc.
4.IPv6 Security aspects over Bluetooth Security Aspects
Attacks
DOS attacks Deletion of Information
attacks
Electronic eavesdropping
Attacks

4. 4.1. Related Work
There have been a few investigations on different aspects of on Bluetooth security issues and challenges and IPv6
security issues and challenges
Bluetooth security is robust, complex and simple, when compared with WLAN security. It is more complex in the
sense that there are many different options for security based on different application scenarios. It is simpler in the
sense that, for the most part, they are transparent to the user.
Case 1:
The below Table -1 shows the comparison between the security aspects of IPv6 over Bluetooth under various
circumstances [18].
Table-1.Security features of Bluetooth per the parameters and IPv6 Security parameters.
IPv6 Security parameters Bluetooth Security parameters
1.Security in IPv6 is provided by IP-Sec. 1. Security in Bluetooth is supported by BSIG.
2. In IP-Sec it contains two basic security services
defined by IETF like 1.Encryption and Authentication.
2.Three basic security services defined by Bluetooth are
1. Confidentiality, 2.Authentication, 3.Authorization.
3.The IPv6 authentication procedure is not in the form
of a ”challenge-response” scheme
3. The Bluetooth authentication procedure is in the form of
a ”challenge-response” scheme.
4.Security Association(SA’s)is the internal base
construct of IP-Sec.
4. Bluetooth provides a frequency-hopping scheme with
1,600 hops/second combined with radio link power control.
5. No 5. The security process during establishment of personal
area networks based on the Link key generation.
6. In IP-Sec Security Associations are stored in Security
Association Database (SAD). No
7. The MS-Windows SA’s are managed by IP-Sec
policy agent. No
8. In the Linux IP-Sec Free/SWAN package SAs are
managed by the spi command. No
9.SA’s support five important parameters like
The Security Parameter Index (SPI),The desired IP-Sec
service (AH or ESP),The transmission mode
(Tunnel/Transport), Source and Destination address,.
Used authentication/encryption method, Used Keys [18].
No
Case 2:
The below Table -2 shows the comparison between the security parameters of IPv6 Security and Bluetooth Security
based on Encryption process[18].
Table-2.Comparison of Security features of Bluetooth and IPv6 Security mechanisms based on encryption level
process.
Bluetooth Security Mechanisms IPv6 Security Mechanisms
1. Bluetooth allows three various encryption modes
support the confidentiality service.
1. Like authenticated data, encryption data can be sent in
two different ways.
1. Payload encryption (Transport), Tunnel mode
encryption.
2.The Bluetooth specification also allows three different
encryption modes to support the confidentiality
Service.
1. Encryption Mode 1-No encryption is performed on
any traffic.
2.Encryption Mode 2-Broadcast traffic goes unprotected
(not encrypted), but individually addressed traffic is
Encrypted according to the individual link keys.
3. Encryption Mode 3-All traffic is encrypted according
to the master link key.
1.Pay Load encryption: If it is required to encrypt the
Whole IP package, the encrypted IP package has to be
wrapped with an outer IP package. Using the
mechanisms shown above it’s possible to first encrypt
and then authenticate the encrypted package. Using the
mechanisms shown above it’s possible to first encrypt
and then authenticate the encrypted package.
Case 3:

5. We compare Bluetooth technology Security techniques and IPv6 Security techniques based on Trust levels, Service
levels, and Authorization Table-3.
Table-3.Security features of Bluetooth techniques and IPv6 Security techniques based on Trust levels, Service
levels, and Authorization.
Bluetooth Security techniques IPv6 Security techniques
1. Bluetooth allows two levels of trust and three levels of
service security. Two trust levels are broadly divided
into
1. Trusted and 2.Untrusted levels. Where trusted devices
have a permanent relationship. Therefore all these
instruments can be accessed fully for all kind of
services. There is no permanent relationship in untrusted
devices.
In IPv6 IPSec uses two protocols, Authentication
Header (AH) and Encapsulating Security y Payload
ESP).The first protocol provides for authentication and
data integrity. The second protocol provides for
Authentication, data integrity, and confidentiality [20].
Case- 4:Comparison between IPv6 security mechanisms and Bluetooth mechanisms based on Security levels is
Shown in Table-4.
Table-4: Security characteristic features of IPv6 and Bluetooth.
Bluetooth Security characteristic features IPv6 characteristic features.
1. Security levels in Bluetooth can be divided into three
levels like
1. Service Level 1—Those that require authorization and
authentication. Automatic access is granted only to
trusted devices. Untrusted devices need manual
authorization.
2. Service Level 2—Those that require authentication
only. Access to an application is allowed only after an
Authentication procedure. Authorization is not
necessary.
3. Service Level 3—Those that are open to all devices.
Authentication is not required, and access is granted
automatically.
The levels Service level -1,Service level-2,Service level-
3 will not play any major in an authentication supported
by IPv6 IP-Sec.
From all these four different tables we can see lot of differences between IPv6 Security mechanisms and Bluetooth
security mechanisms under various circumstances. Both IPv6 and Bluetooth introduce several components to
compare the contrast the security salient features with Bluetooth salient features. Finally we have determined
efficiency, security, portability aspects of IPv6 and Bluetooth.
5.IPv6 Security Challenges
In IPv6 we are using the various challenges issues like larger address space,IP-Sec, Neighbour discovery and
address auto configuration etc.We see a short a description about these security challenges in IPv6 one by one.
1. Larger address space:Port scanning is one of the best known reconnaissance techniques in use today. Port
scanning allows “black-hats” to listen to specific services (ports) that could be associated to well-known
vulnerabilities [23].
2.IP-Sec:IP-Sec uses two wire-level protocols, Authentication Header (AH) and Encapsulating Security. Payload
ESP).The first protocol provides for authentication and data integrity. The second protocol provides for
Authentication, data integrity, and confidentiality [20].In IPv6 networks both the AH header, and the ESP header are
defined as extension headers.Additionally,IP-Sec provides for a third suite of protocols. for protocol negotiation and
key exchange management known as the Internet Key Exchange (IKE).
2.1. Authentication Header.As mentioned before, the authentication header prevents IP packets from being
tampered or altered.
2.2.In the ESP extension header, the security parameter index (SPI) field identifies what group of security
parameters the sender is using to secure communication.ESP supports any number of encryption mechanisms.Also,
ESP does not provide the same level of authentication available with AH.
2.3. Transport and Tunnel modes:-However, in IPv6 networks, there is no need for a tunnel mode because, as
mentioned above, both the AH and ESP protocols provide enough functionality to secure IPv6 traffic [22].

6. 2.4. Protocol negotiation and key exchange management. In addition to AH and ESP, IPSec also specifies additional
functionality for protocol negotiation and key exchange management [1].
2.4. Neighbor discovery (ND) is the mechanism responsible for router and prefix discovery, duplicate address and
network unreachability detection, parameter discovery,and link-layer address resolution [1] [22].
6. Bluetooth Security Challenges
In Bluetooth we are using the various challenges issues like Link Key Generation—Bluetooth Bonding, Bluetooth
Authentication, 2.3 Bluetooth Encryption Process, Security Features of Bluetooth per the Specifications, Trust
Levels, Service Levels, and Authorization.
7.Conclusions
This paper was intended as a brief introduction to the many Security Challenges that the Bluetooth and IPv6
currently facing if it’s to succeed as a technology for building wireless networks. The interoperation of next
generation IP networks technology, IPv6 and Wireless networks technology standard is an undoubtedly an important
step to deploy for Next Generation Networks. Bluetooth is one of the several new wireless technologies that are
changing the entire enterprise environment. Because it is very low Power, shorter range, lower bandwidth, used for
less sensitive applications and more sparsely used than the other wireless technologies. In this paper we concluded
that Bluetooth Security is reasonably robust to applications with less security requirements as compared to IPv6
Security mechanisms and granular in its form and is quite secure even in its default state. However we don’t know
an application developers may or may not select to incorporate security into application layers, it is possible that the
Blue tooth security will be more robust than the IPv6 security. Despite all criticism IP-Sec is the best network
security solution currently available. It allows two networks to securely connect over the Internet, or just enabling
secure data transmission for network services operating in clear text. It should be noted, however, that IP-Sec does
not automatically secure everything, it’s as secure as the computer, operating system or application it is working on.
IP-Sec does attempt to standardize security mechanisms in the Internet and is a great step toward a more secure
Internet.
8.Acknowledgements
This research paper has been supported by Department of studies in Computer Science,Manasagangothri, University
of Mysore and Department of P.G. Studies and Research in Computer Science,Mangalagangothri,Mangalore
University.And also I am very thankful to my beloved supervisor Dr.Manjaiah D.H for his encouragement during
the preparation of this paper as a esteemed publications.
9.References
[1].Dr.Manjaih.D.H. Hanumanthappa.J.A Study on Comparison and Contrast between IPv4 and IPv6 Feature sets. In Proceedings
of ICCNS 2008, 2008.
[2].Dr.Manjaih.D.H.,Hanumanthappa.J.,Transition of IPv4 Network Applications to IPv6 Applications, In Proceedings of
ICETiC-2009, 2009.
[3].B.Miller and C.Bisdikian,Bluetooth revealed :The insiders guide an open specification for global wireless
communications.Prentice Hall 2000.
[4].S.Deering and R.Hinden “Internet Protocol Version 6(IPv6) Specification”, RFC 2460, December 1998.
[5].Bluetooth SIG, http://www.Bluetooth.com
[6]Bluetooth Security Architecture white paper, http://www.Bluetooth.com/developer/whitepaper/whitepaper.asp.
[7]Bluetooth support in Windows XP, http://www.microsoft.com/hwdev/tech/network/Bluetooth.
[8].Hans Jacob Rivertz, “Bluetooth Security “, Nowergian computing centre, 3/3/2005.
[9].Gehrmann, C. (2002). Bluetooth Security White Paper : Revision 1.0. Bluetooth Document. April 2002.
[10].Jakobsson and Wetzel. 2001. Security Weaknesses in Bluetooth. RSA ’01. Available from
http://www.informatics.indiana.edu/markus/papers.asp [Accessed 18th March 2003]
[11].Muller T. Bluetooth Security Architecture: Version 1.0. Bluetooth White Paper,Document # 1.C.116/1.0, July 15, 1999.
[12].Nichols and Lekkas (2002).Wireless Security: Models, Threats and Solutions. New York: McGraw-Hill.
[13].Whitehouse. Bluetooth: Red fang, blue fang. CanSecWest/core 04. Available from:
http://cansecwest.com/csw04/csw04-Whitehouse.pdf [Accessed 2nd October 2005].
[14].Traskback.(2000). Security of Bluetooth: An overview of Bluetooth Security. Available from:
http://www.cs.hut.fi/Opinnot/Tik-86.174/Bluetooth_Security.pdf, [Accessed 27th April 2003]
[15].Suvak,D.(1999).IrDA versus Bluetooth: A Complementary Comparison. Extended Systems White Paper. Available from:
http://www.dpi.net.ir/pc/MobileComputing/articles/IrDA%20versus%20Bluetooth%20A%20Complementary%20Comparison.ht
[Accessed 27th April 2003].
[16].Nichols and Lekkas (2002).Wireless Security: Models, Threats and Solutions.New York: McGraw-Hill.
[17].Karygiannis and Owens.Wireless Network Security: 802.11,Bluetooth and Handheld devices. November 2002. NIST

7. Special Publication 800-48.Available from:
http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP_800-48.pdf [Accessed 6th April 2003].
[18].S.Hagen, July 2002. IPv6 Essentials - Integrating IPv6 into your IPv4 Network,O’Reilly,p 1-4,12-16, 77-104.
[19].W.Stallings,1998.Cryptography and Network Security: Principles and Practice, Prentice Hall,p 399-432.
[20].Kent, S.; Seo, K., “Security Architecture for the Internet Protocol,” RFC 4301, Dec. 2005,
http://tools.ietf.org/html/4301
[21]. Friedl,S., “An illustrated Guide to IPSec,”Unixwiz.net, Aug.2005, http://www.unixwiz.net/techtips/iguide-
ipsec.html
[22].Szigeti, S.; Risztics, P.,"Will IPv6 bring better security?,” Proceedings 30th Euromicro Conference,2004, vol.,
532- 537, 31 Aug.-3 Sept. 2004.
[22]. Popoviciu C.; Levy-Avegnoli, E.; Grossetete, P.,Deploying IPv6 Networks, Cisco Press, Indianapolis, IN,2006.
[23].Ford, M., “New Internet Security and Privacy Models Enabled by IPv6,”The 2005 Symposium on Applications
and the Internet Workshops, 2005. Saint Workshops 2005, vol., no.pp. 2-5, 31-04 Jan. 2005.
Mr.Hanumanthappa.J. is Lecturer at the DoS in CS,University of Mysore, Manasagangothri,Mysore-
06 and currently pursuing Ph.D in Computer Science and Engineering, from Mangalore University under
the supervision of Dr.Manjaih.D.H on entitled “IPv6 and Multimedia Stuffs”. His teaching and Research
interests include Computer Networks,Wireless and Sensor Networks, Mobile Ad-Hoc
Networks,Intrusion detection System,Network Security and Cryptography, Internet Protocols, Mobile and
Client Server Computing,Traffic management,Quality of Service,RFID,Bluetooth,Unix internals, Linux
internal, Kernel Programming ,Object Oriented Analysis and Design etc.His most recent research focus is in the
areas of Internet Protocols and their applications. He received his Bachelor of Engineering Degree in Computer
Science and Engineering from University B.D.T College of Engineering , Davanagere,Karnataka( S),India(
C),Kuvempu University,Shimoga in the year 1998 and Master of Technology in CS&Engineering from NITK
Surathkal,Karnataka( S ),India (C) in the year 2003.He has been associated as a faculty of the Department of Studies
in Computer Science since 2004.He has worked as lecturer at SIR.M.V.I.T,Y.D.I.T,S.V.I.T,of Bangalore.He has
guided about 50 Project thesis for BE,B.Tech,M.Tech,MCA,MSc/MS.He has Published about 10 technical articles
in International ,and National Peer reviewed conferences.He is a Life member of CSI, ISTE,AMIE, IAENG,
Embedded networking group of TIFAC – CORE in Network Engineering ,ACM.He is also a BOE Member of
all the Universities of Karnataka, INDIA.
Dr. Manjaiah D.H. is currently Reader and Chairman of BoS in both UG/PG in the Computer Science at Dept. of
Computer Science, Mangalore University, Mangalore. He is also the BoE Member of all Universities of Karnataka and other
reputed universities in India. He received PhD degree from University of Mangalore, M.Tech. from NITK, Surathkal and B.E.,
from Mysore University. Dr.Manjaiah D.H has an extensive academic, Industry and Research experience. He has worked at
many technical bodies like IAENG, WASET, ISOC, CSI, ISTE, and ACS. He has authored more than - 25 research papers in
international conferences and reputed journals. He is the recipient of the several talks for his area of interest in many public
occasions. He is an expert committee member of an AICTE and various technical bodies. He had written Kannada text book,
with an entitled, “COMPUTER PARICHAYA”, for the benefits of all teaching and Students Community of Karnataka. Dr
.Manjaiah D.H’s areas interest are Computer Networking & Sensor Networks, Mobile Communication, Operations
Research, E-commerce, Internet Technology and Web Programming.

8. This document was created with Win2PDF available at http://www.win2pdf.com.
The unregistered version of Win2PDF is for evaluation or non-commercial use only.
This page will not be added after purchasing Win2PDF.