In this update – Security Update; Approved: LE ECU; To BARB: MshCDB, AICS, VOCS, VCS-VCP; NWP: Lyrics Support; IOP Events: CSWG, GAWG, MedWG, EPWG, SFWG, DFWG, MeshWG

Confidentiality Reminder: This email and all documents referenced in it are Bluetooth SIG Confidential Information and are subject to the to which all SIG members have agreed. The restricts the sharing of information to within the Bluetooth SIG and prohibits sharing of Bluetooth SIG Confidential Information with anyone that is not a member of Bluetooth SIG.
13 August 2019
Bluetooth Technical Updates

Security Update

Security researchers recently identified a vulnerability related to encryption on Bluetooth BR/EDR connections. The researchers identified that it is possible for an attacking device to interfere with the procedure used to set up encryption on a BR/EDR connection between two devices in such a way as to reduce the length of the encryption key used. In such cases where an attacking device was successful in setting the encryption key to a shorter length, the attacking device could then initiate a brute force attack and have a higher probability of successfully cracking the key and then be able to monitor or manipulate traffic during that session.

To remedy the vulnerability, on 2019-08-13, the Bluetooth SIG Board of Directors adopted Erratum 11838, which affects Bluetooth Core Specification versions 4.2 to 5.1 and adds a recommendation of a minimum encryption key length of 7 octets for encrypted BR/EDR connections. The SIG will also soon include testing for this new recommendation within our Bluetooth Qualification Program.

For more information, please refer to the following:
Tip: If you have any trouble downloading the document, please make sure you are logged in to www.bluetooth.com and then copy-paste the web address from the link above.

0.5/DIPD Approved by BARB Notice

(available to Associate and Promoter members only)

A draft of the specifications listed below has been approved by the Bluetooth Architectural Review Board (BARB) and is available on Specification Workspace for your review. The draft is available to Associate and Promoter members only. Do not share with anyone else:
Tip: If you have any trouble downloading the document, please make sure you are logged in to www.bluetooth.com and then copy-paste the web address from the link above.

Submitted for BARB Review Notice

Drafts of the specifications listed below have been submitted to the Bluetooth Architectural Review Board (BARB) for review and are available on Specification Workspace for your review:
Tip: If you have any trouble downloading the documents, please make sure you are logged in to www.bluetooth.com and then copy-paste the web address from the links above.

New Work Proposal Updates

The following NWP is available for review. In order for NWPs to be approved, minimum commitment levels must be met by Bluetooth SIG members. Please review this document and indicate your commitment to participate in the completion of the resulting FRD within Specification Workspace.
  • Lyrics Support NWP – Proposes to extend the Bluetooth Audio Video Remote Control Profile (AVRCP) specification to enable support for song lyrics metadata.
Tip: If you have any trouble downloading the specifications, please make sure you are logged in to www.bluetooth.com and then copy-paste the web address from the links above.

IOP Testing Events

The purpose of the Bluetooth interoperability (IOP) test session is to bring all event participants together at a single location to validate adopted prototyping specifications and to find and resolve interoperability issues. Formal IOP testing events are open to all members.

For more IOP event details and access to the latest draft specifications, Test Suites, and IOP test plans, please register for an event.

26–28

Aug 2019

IOP Testing Event for the Core Specification Working Group (CSWG)
Location: San Diego, California, United States
This IOP testing event will be held to test the following features:
  • LE Isochronous Channels – ISOAL for CIS
  • LE Isochronous Channels – ISOAL for BIS

Register Now →

06–10

Sep 2019

Formal IOP Testing Event for the Core Specification Working Group (CSWG)
Location: Dallas, Texas, United States (Working Group Summit)
This formal IOP testing event will be held to test the following features:
  • EATT
  • LE Isochronous Channels
  • LE Power Control

Register Now →

06–10

Sep 2019

Formal IOP Testing Event for the Generic Audio Working Group (GAWG)
Location: Dallas, Texas, United States (Working Group Summit)
This formal IOP testing event will be held to test the following features:
  • Audio Input Control Service
  • Volume Control Profile and Service
  • Volume Offset Control Service

Register Now →

06–09

Sep 2019

Formal IOP Testing Event for the Medical Devices Working Group (MED WG)
Location: Dallas, Texas, United States (Working Group Summit)
This formal IOP testing event will be held to test the following features:
  • Device Time Profile and Service

Register Now →

06–09

Sep 2019

Formal IOP Testing Event for the Easy Pairing Working Group (EP WG)
Location: Dallas, Texas, United States (Working Group Summit)
This formal IOP testing event will be held to test the following features:
  • Easy Pairing Profile and Service

Register Now →

06–10

Sep 2019

Formal IOP Testing Event for the Sports and Fitness Working Group (SF WG)
Location: Dallas, Texas, United States (Working Group Summit)
This formal IOP testing event will be held to test the following features:
  • Physical Activity Monitor Profile and Service

Register Now →

07–10

Sep 2019

Formal IOP Testing Event for the Direction Finding Working Group (DF WG)
Location: Dallas, Texas, United States (Working Group Summit)
This formal IOP testing event will be held to test the following features:
  • Asset Tracking Profile
  • Constant Tone Extension Service
  • Indoor Positioning Profile and Service Enhancements

Register Now →

0913

Sep 2019

Formal IOP Testing Event for the Mesh Working Group (Mesh WG)
Location: Dallas, Texas, United States (Working Group Summit)
This formal IOP testing event will be held to test the following features:
  • Mesh Certificate-Based Provisioning
  • Mesh Remote Provisioning

Register Now →

Unsubscribe or manage your subscription preferences | View our privacy policy

PROPRIETARY AND CONFIDENTIAL: DO NOT FORWARD THIS MESSAGE OR SHARE THE INFORMATION CONTAINED THIS MESSAGE WITH ANYONE THAT IS NOT A BLUETOOTH SIG MEMBER. The information contained in the above transmission is provided “as is” for informational purposes only. Bluetooth SIG provides no warranties or representations and disclaims all warranties, expressed or implied, including any warranty of merchantability, title, non-infringement, fitness for any particular purpose or that the information is accurate or free of errors. Bluetooth SIG expressly disclaims all liability arising out of or relating to use of this transmission and all information contained herein. Nothing in the above transmission should be construed as granting a license of any kind to recipient.

Copyright 2019. Bluetooth SIG, Inc. The Bluetooth word mark and logos are owned by the Bluetooth SIG, Inc. Other trademarks and trade names are those of their respective owners.

Bluetooth SIG, Inc. | 5209 Lake Washington Blvd. NE, Suite 350 | Kirkland, WA USA
www.bluetooth.com