The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-121 Revision 2: “Guide to Bluetooth Security.”
The Special Publication (SP) 800-121 was released on January 19, 2022 and provides security guidance for Bluetooth, an open standard for short-range radio frequency (RF) communication and is the wireless technology used primarily to establish wireless personal area networks (WPANs).
An abstract from NIST SP 800-121 Rev. 2 (download PDF here):
“Bluetooth wireless technology is an open standard for short-range radio frequency communication used primarily to establish wireless personal area networks (WPANs), and has been integrated into many types of business and consumer devices. This publication provides information on the security capabilities of Bluetooth and gives recommendations to organizations employing Bluetooth wireless technologies on securing them effectively. The Bluetooth versions within the scope of this publication are versions 1.1, 1.2, 2.0 + Enhanced Data Rate (EDR), 2.1 + EDR, 3.0 + High Speed (HS), 4.0, 4.1, and 4.2. Versions 4.0 and later support the low energy feature of Bluetooth.”
As noted in the Bluetooth security guidelines, users should always use the strongest Bluetooth security mode that is available for their Bluetooth devices.
For example, for newer devices that support the latest security mode (such as Bluetooth 4.1) that have have BR, EDR, and High Speed (HS) features, they should take advantage of Security Mode 4, Level 4. NIST recommends this level since it requires “Secure Connections, which uses authenticated pairing and encryption using 128-bit strength keys generated using FIPS-approved Advanced Encryption Standard (AES) encryption.”
For Bluetooth 2.1 through 4.0 devices, Security Mode 4, Level 3 is the preferred security level. For older Bluetooth 2.0 devices (and older), Security Mode 3 is recommended.