PIN
/pɪn/
n. "Shared numeric passcode used during legacy Bluetooth pairing to generate a 128-bit link key."
PIN, short for Personal Identification Number, authenticates initial Bluetooth device pairing by requiring that identical 4-16 digit codes be entered on both master and slave. The PIN is combined with the BD_ADDR and a random challenge to derive a 128-bit link key via SAFER+ hashing, which is then used for subsequent authentication and encryption without re-entry. Legacy Bluetooth 2.0+ uses "0000"/"1234" defaults (a security risk), while modern Secure Simple Pairing (SSP) replaces PINs with numeric comparison, passkey entry, or out-of-band (NFC) methods.
Key characteristics of PIN include:
Shared Secret: both devices input identical 4-16 alphanumeric codes.
Link Key Generation: PIN + BD_ADDR + challenge → SAFER+ → 128-bit K_AB.
Challenge-Response: prevents replay using a 32-bit RAND per connection.
Legacy Only: replaced by LE Secure Connections (P-256 ECDH).
Default Weakness: "0000"/"1234" are vulnerable to brute-force dictionary attacks.
Conceptual example of PIN usage:
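/* Bluetooth Legacy PIN → Link Key derivation (simplified) */
#include <stdint.h>
#include <string.h>

/* Placeholders for the stack's own routines; hypothetical, not a real library API */
void safer_plus_encrypt(const uint8_t key[16], const uint8_t in[16], uint8_t out[16]);
void store_link_key(const uint8_t bd_addr[6], const uint8_t link_key[16]);

char    pin_code[17] = "1234";  // User-entered PIN (up to 16 characters)
uint8_t bd_addr[6];             // Remote device address
uint8_t rand_challenge[16];     // 128-bit random number
uint8_t link_key[16];           // 128-bit result

void bluetooth_legacy_pairing(void) {
    // Step 1: User enters PIN on both devices
    // Step 2: IN_RAND + BD_ADDR → E22 (SAFER+ encryption)
    uint8_t in_rand[16];
    uint8_t pin_block[16] = {0};
    size_t  pin_len = strlen(pin_code);
    size_t  pad_len = 16 - pin_len < 6 ? 16 - pin_len : 6;
    memcpy(in_rand, rand_challenge, 16);
    memcpy(pin_block, pin_code, pin_len);           // PIN first
    memcpy(pin_block + pin_len, bd_addr, pad_len);  // then BD_ADDR, capped at 16 bytes
    // Step 3: E22(PIN, IN_RAND) → Key K_AB
    safer_plus_encrypt(pin_block, in_rand, link_key);
    // Step 4: Store link_key for future authentication
    store_link_key(bd_addr, link_key);
    // Authentication: challenge-response using K_AB
}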
Conceptually, the PIN seeds a symmetric link key that is shared only after manual verification: both devices compute an identical K_AB from the PIN, the device identity and a random nonce, enabling encrypted TDMA slots within FHSS/AFH piconets. Weak defaults ("0000") enabled early eavesdropping attacks; modern Bluetooth LE Secure Connections use elliptic curve Diffie-Hellman, eliminating shared secrets entirely.
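An added example, not part of the original entry: a C check that a device's pairing code could run to reject the default and trivially guessable PINs described above, and to report how many candidates a numeric PIN of a given length allows. The function names, the finding flags and the repeated/sequential heuristics are assumptions made for this example.

```c
/* Added example: audit a legacy-pairing PIN before a device accepts it. */
#include <stdio.h>
#include <string.h>

enum pin_finding {
    PIN_OK          = 0,
    PIN_BAD_LENGTH  = 1 << 0,  /* outside the 4-16 range used by legacy pairing */
    PIN_NOT_NUMERIC = 1 << 1,  /* contains a non-digit character */
    PIN_DEFAULT     = 1 << 2,  /* "0000" or "1234", the defaults named in this entry */
    PIN_REPEATED    = 1 << 3,  /* one digit repeated, e.g. "7777" (assumed heuristic) */
    PIN_SEQUENTIAL  = 1 << 4   /* ascending run, e.g. "4567" (assumed heuristic) */
};

/* Returns a bitmask of findings for a NUL-terminated PIN string. */
unsigned pin_audit(const char *pin) {
    unsigned findings = PIN_OK;
    size_t len = strlen(pin);
    int repeated = len > 1, sequential = len > 1;

    if (len < 4 || len > 16)
        findings |= PIN_BAD_LENGTH;
    if (strcmp(pin, "0000") == 0 || strcmp(pin, "1234") == 0)
        findings |= PIN_DEFAULT;
    for (size_t i = 0; i < len; i++) {
        if (pin[i] < '0' || pin[i] > '9')
            findings |= PIN_NOT_NUMERIC;
        if (i > 0 && pin[i] != pin[0])
            repeated = 0;
        if (i > 0 && pin[i] != pin[i - 1] + 1)
            sequential = 0;
    }
    if (repeated)   findings |= PIN_REPEATED;
    if (sequential) findings |= PIN_SEQUENTIAL;
    return findings;
}

/* Number of possible PINs of a given length when only digits are used. */
unsigned long long pin_candidates(size_t digits) {
    unsigned long long n = 1;
    while (digits--) n *= 10;
    return n;
}

int main(void) {
    const char *samples[] = {"0000", "1234", "7777", "83910427"}; /* constructed */
    for (size_t i = 0; i < 4; i++)
        printf("%-10s findings=0x%02x\n", samples[i], pin_audit(samples[i]));
    printf("4-digit PINs: %llu candidates\n", pin_candidates(4));
    return 0;
}
```

A four-digit PIN leaves only 10,000 candidates, which is why the entry lists the defaults as a weakness even before repeated or sequential patterns are considered.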