How Encryption Works in Bluetooth
Bluetooth devices on an encrypted link share a common “link key” used to exchange encrypted data. How that link key is created depends on the paring method. Paring methods have evolved and changed throughout Bluetooth history. The earlier legacy method was used up through Bluetooth 2.0. Improved and simpler pairing methods began with Bluetooth 2.1 and remain in the current version Bluetooth 4.0.
For a Bluetooth sniffer to be able to decrypt the encrypted data, it must also have this shared link key. For obvious security reasons, the link key is never sent over the air, so either the user must get the key out of one of the devices being sniffed and supply the key to the sniffer or the sniffer must create the key itself.