How BTv4.2 Prevents Tracking of Bluetooth Smart Devices

Published on June 25, 2015

Archived Notice

This article has been archived and may contain broken links, photos and out-of-date information. If you have any questions, please Contact Us.

How BTv4.2 Prevents Tracking of Bluetooth Smart Devices

By Mahendra Tailor, Senior Staff Engineer and Jordan Manser, Technical Writer

A key enabler for the Internet of Things (IoT), Bluetooth Low Energy (BLE) is expected to connect billions of things in just a few years. The latest Bluetooth specification, v4.2, will connect a variety of devices ranging from wearables and appliances to automobiles and industrial equipment with no restriction to connection topology. In addition to the performance improvements due to bigger data packets, Bluetooth v4.2 was designed with the IoT in mind with features like IPv6 connectivity that make it easier to connect directly to the internet. Additionally, the latest specification comes geared with increased security and privacy that prevents Bluetooth Smart devices from being tracked, which is a huge step in securing the IoT. Here’s how it’s done.

BLE radios come with four types of 6 byte MAC addresses, and on-air packets have information in the header that specify which type of address is being used. If the address type is “resolvable address” then a device is allowed to change the address randomly as often as it likes – even faster than every second.

Now, you may be asking, “If I am a trusted person, how do I know the MAC address is a device I am bonded with?”

Here’s the answer – If you are a trusted person, you will have, at some time in the past, paired with that device. As part of the pairing process you will each exchange a 128 bit Identity Resolving Key (IRK) – Both sides have a different but unique key that never changes throughout their lifetimes.

A resolvable MAC address is created by taking a random 3 byte value, passing that into an AES encryption log using the 128 bit IRK, and then taking the lower 3 bytes of the AES result and appending it to the 3 bytes you started with. Therefore when a device gets a resolvable address, it is identified as such, and you will go to the trusted device database and for each device calculate the same algorithm (there is usually a hardware accelerator in place to make this painless).

If there is a match then it is a known device and can proceed to make a connection if it so wishes or process the advert data appropriately.

This feature was available since Bluetooth v4.0, but now it has been formalized. The Bluetooth SIG says that the updated spec is the ideal wireless technology for the IoT, connecting more devices and things to the internet. The increased security and privacy is a crucial element that will ensure that devices can operate securely. Check out our previous blog post, Bluetooth v4.2 Lays the Groundwork for IoT, which goes into more details about the update.

Stay in the wireless industry loop and subscribe to the Wireless Connectivity Blog!