Bluetooth security
There are two types of Bluetooth® in Apple devices, Bluetooth Classic and Bluetooth Low Energy (BLE). The Bluetooth security model for both versions includes the following distinct security features:
Pairing: The process for creating one or more shared secret keys
Bonding: The act of storing the keys created during pairing for use in subsequent connections to form a trusted device pair
Authentication: Verifying that the two devices have the same keys
Encryption: Message confidentiality
Message integrity: Protection against message forgeries
Secure Simple Pairing: Protection against passive eavesdropping and protection against man-in-the-middle attacks
Bluetooth version 4.1 added the Secure Connections feature to Bluetooth Classic (BR/EDR) physical transport.
The security features for each type of Bluetooth are listed below.
Support | Bluetooth Classic | Bluetooth Low Energy |
---|---|---|
Pairing | P-256 elliptic curve | FIPS-approved algorithms (AES-CMAC and P-256 elliptic curve) |
Bonding | Pairing information stored in a secure location in iOS, iPadOS, macOS, tvOS, and watchOS devices | Pairing information stored in a secure location in iOS, iPadOS, macOS, tvOS, and watchOS devices |
Authentication | FIPS-approved algorithms (HMAC-SHA256 and AES-CTR) | FIPS-approved algorithms |
Encryption | AES-CCM cryptography, performed in the Controller | AES-CCM cryptography, performed in the Controller |
Message integrity | AES-CCM, used for message integrity | AES-CCM, used for message integrity |
Secure Simple Pairing: Protection against passive eavesdropping | Elliptic Curve Diffie-Hellman Exchange (ECDHE) | |
Secure Simple Pairing: Protection against man-in-the-middle (MITM) attacks | Two user-assisted numeric methods: numerical comparison or passkey entry | Two user-assisted numeric methods: numerical comparison or passkey entry Pairings require a user response, including all non-MITM pairing modes |
Bluetooth 4.1 or later | iMac Late 2015 or later MacBook Pro Early 2015 or later | iOS 9 or later iPadOS 13.1 or later macOS 10.12 or later tvOS 9 or later watchOS 2.0 or later |
Bluetooth 4.2 or later | iPhone 6 or later | iOS 9 or later iPadOS 13.1 or later macOS 10.12 or later tvOS 9 or later watchOS 2.0 or later |
Bluetooth Low Energy privacy
To help secure user privacy, BLE includes the following two features: address randomization and cross-transport key derivation.
Address randomization is a feature that reduces the ability to track a BLE device over a period of time by changing the Bluetooth device address on a frequent basis. For a device using the privacy feature to reconnect to known devices, the device address, referred to as the private address, must be resolvable by the other device. The private address is generated using the device’s identity resolving key exchanged during the pairing procedure.
iOS 13 or later and iPadOS 13.1 or later have the ability to derive link keys across transports, a feature known as cross-transport key derivation. For example, a link key generated with BLE can be used to derive a Bluetooth Classic link key. In addition, Apple added Bluetooth Classic to BLE support for devices that support the Secured Connections feature that was introduced in the Bluetooth Core Specification 4.1 (see the Bluetooth Core Specification 5.1).