Is Bluetooth encrypted?

I wonder if the BLE (v4.0) traffic is encrypted by default or by design, or is it just optional? If the former, is the traffic encrypted using a key derived just from the pairing pin or is there some kind of session key as well - like with WPA2? If the former, would the encryption key be a long-term key then which doesn't seem so secure?


I read on Wikipedia that AES-128 is supported, and chips like the CC2540 provide hardware acceleration, but it's not clear if AES encryption is an option or mandatory by design. IIRC, Bluetooth 2.1 offers a non-secure mode so encryption is only optional, but I wonder if the same applies to BLE.

Answered by Alastair McDade



IMHO encryption is mandatory after devices have been paired, as the initiator must send a maximum key size to be used:

Maximum Encryption Key Size (1 octet): This value defines the maximum encryption key size in octets that the device can support. The maximum key size shall be in the range 7 to 16 octets.

This ensures my comment also that since 2.1 encryption is mandatory. So you cannot choose a key size of, let's say, 0 length in order to get paired. I don't know however if there is an ad-hoc mode available which would allow non-paired data exchange (but I don't believe this).

Note that this means only encrypted data streams. Authentication is a different thing. For example, you cannot verify that you connect to the right Bluetooth headset as it has no display or keyboard (still, you could read its MAC address before you confirm, e.g.). So with some pairing modes I would assume that authentication is on a low trust level (by design).

IMHO as Bluetooth was a replacement for serial/infrared communication in the beginning, it always struggled with security. I would consider it a nice feature for some gadgets, but would not exchange sensitive information (= it's not equal to WiFi or LAN).
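The key size field and the encryption/authentication distinction from the answer above can be checked on a captured pairing exchange. The following Python is an added example, not part of the original answer: it assumes the 7-octet Pairing Request/Response layout of the Security Manager Protocol for LE legacy pairing, uses hypothetical function names and constructed sample PDUs, and simplifies the pairing-method selection to three outcomes.

```python
import struct

# Added illustration; layout follows the SMP Pairing Request/Response PDU (7 octets).
OPCODES = {0x01: "Pairing Request", 0x02: "Pairing Response"}
NO_INPUT_NO_OUTPUT = 0x03
KEYBOARD_CAPS = {0x02, 0x04}      # KeyboardOnly, KeyboardDisplay
MIN_KEY, MAX_KEY = 7, 16          # range quoted in the answer above

# Constructed sample PDUs (not captured traffic): a phone and a headset-like device.
SAMPLE_REQ = bytes.fromhex("01040005100707")
SAMPLE_RSP = bytes.fromhex("02030001070707")


def parse_pairing_pdu(pdu: bytes) -> dict:
    """Decode one pairing PDU and reject key sizes outside 7..16 octets."""
    if len(pdu) != 7:
        raise ValueError("pairing PDU must be exactly 7 octets")
    code, io_cap, oob, auth_req, key_size, _init_kd, _resp_kd = struct.unpack("7B", pdu)
    if code not in OPCODES:
        raise ValueError(f"not a pairing request/response: opcode {code:#04x}")
    if not MIN_KEY <= key_size <= MAX_KEY:
        raise ValueError(f"maximum key size {key_size} outside {MIN_KEY}..{MAX_KEY}")
    return {"type": OPCODES[code], "io_cap": io_cap, "oob": bool(oob & 1),
            "mitm": bool(auth_req & 0x04), "max_key_size": key_size}


def audit(req: bytes, rsp: bytes, required_key_size: int = 16) -> dict:
    """Report the negotiated key size and whether pairing is authenticated."""
    a, b = parse_pairing_pdu(req), parse_pairing_pdu(rsp)
    key_size = min(a["max_key_size"], b["max_key_size"])  # smaller value wins
    caps = {a["io_cap"], b["io_cap"]}
    if a["oob"] and b["oob"]:
        method = "Out of Band"
    elif ((a["mitm"] or b["mitm"]) and NO_INPUT_NO_OUTPUT not in caps
          and caps & KEYBOARD_CAPS):
        method = "Passkey Entry"
    else:
        method = "Just Works"  # encrypted link, but peer identity is not verified
    findings = []
    if key_size < required_key_size:
        findings.append(f"key size negotiated down to {key_size} octets")
    if method == "Just Works":
        findings.append("unauthenticated pairing (Just Works)")
    return {"key_size": key_size, "method": method, "findings": findings}


if __name__ == "__main__":
    print(audit(SAMPLE_REQ, SAMPLE_RSP))
```

A device that enforces a local minimum (`required_key_size` here) can refuse the pairing when the negotiated value falls below it instead of accepting the 7-octet floor.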

