Security Foul in Bluetooth
Critical New Bluetooth Security Issue Leaves Your Devices (And Data) Open To Attack
We all use it, all of the time. But now a Bluetooth Security Notice has been issued after the disclosure of a critical vulnerability that would enable an "attacking device" to interfere with the connection encryption process, essentially stealing the encryption key and accessing the data traffic between target devices. We don't spend much time thinking about the security between our paired devices and the data moving between them. But this latest disclosure—and the 'update now' warning that comes with it—suggests we should start doing exactly that.
The vulnerability, which has been dubbed "Key Negotiation of Bluetooth," or KNOB, affects Bluetooth Classic (BR/EDR) devices implementing specification versions 1.0 to 5.1. It was identified by researchers at the Center for IT-Security, Privacy and Accountability (CISPA), and the disclosure has been published in coordination with multiple vendors, including Microsoft, Apple, Intel, Cisco, and Amazon.
The researchers who made the disclosure warn that such an attack would "allow a third party, without knowledge of any secret material (such as link and encryption keys), to make two (or more) victims agree on an encryption key—enabling the attacker to easily brute force the negotiated encryption keys, decrypt the eavesdropped ciphertext, and inject valid encrypted messages (in real-time)."
The very simplicity and ease of use of Bluetooth is its weakness in this instance. "The attack is stealthy because the encryption key negotiation is transparent to the Bluetooth users. The attack is standard-compliant because all Bluetooth BR/EDR versions require to support encryption keys with entropy between 1 and 16 bytes and do not secure the key negotiation protocol. As a result, the attacker completely breaks Bluetooth BR/EDR security without being detected."
The disclosure warns that "all tested devices" built on Bluetooth chips from the likes of Intel, Broadcom, Apple, and Qualcomm "are vulnerable to the KNOB attack."
The vulnerability relates to the encryption setup between two connecting Bluetooth devices, and has exposed weaknesses in how those devices negotiate the minimum length of the encryption key, as well as how the keys themselves are agreed. Clearly, if the length of the key can be reduced without breaking the pairing process, then an attack becomes much simpler.
"Not all Bluetooth specifications mandate a minimum encryption key length," the Security Notice acknowledges, "it is possible that some vendors may have developed Bluetooth products where the length of the encryption key used on a BR/EDR connection could be set by an attacking device down to a single octet."
Where an attacking device can shorten the key length, the disclosure warns that "the attacking device could then initiate a brute force attack and have a higher probability of successfully cracking the key and then be able to monitor or manipulate traffic."
And this is a major issue. Forget headphones and speakers—what about printers, data and image exchange between devices and car systems, to name but a few. It is also unclear what levels of data could be intercepted during a successful attack.
This is Bluetooth, and so an attacking device needs to be in range of two devices attempting to connect in order to carry out its attack. And both devices need to be vulnerable for the operation to work. It gets more complex from there: the time window the attacking device has to intercept and manipulate the key negotiation and then mount a brute force attack is short. And every time encryption is enabled the same attack would need to take place, given that "the encryption key size negotiation takes place each time."
No evidence exists of a successful exploitation of the vulnerability. But a weakness is a weakness, and as ever, once disclosed, the risks go up until fixes are deployed. The two interesting factors here are whether this could be part of a targeted attack rather than a mass-scale weakness, and that this comes hot on the heels of multiple IoT vulnerability disclosures. The tech might be different, but the "no safety in numbers" weakness found in high-volume consumer products is broadly the same.
To resolve the issue, the Bluetooth Core Specification has been changed "to recommend a minimum encryption key length of 7 octets for BR/EDR connections." All product developers are being told to update existing solutions as a matter of urgency to "enforce a minimum encryption key length of 7 octets for BR/EDR connections."
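The key-size negotiation described above, and the effect of the 7-octet floor, modelled as an added example (not code from the article, the researchers, or the Bluetooth specification). It assumes a simplified negotiation in which the initiator proposes a key size, the responder accepts it if it lies within its own policy, counters with its own maximum if the proposal is too large, and refuses if it is below its minimum; the `tamper` parameter stands in for an on-path device rewriting the proposal.

```python
"""Simplified model of BR/EDR encryption key-size negotiation (assumed, not spec text).

Each device carries a policy of (min_octets, max_octets). The KNOB weakness is that
the pre-fix minimum could be 1 octet, so a rewritten proposal of 1 is accepted by
both sides; enforcing a floor of 7 octets on either side makes that proposal fail.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class KeySizePolicy:
    min_octets: int          # smallest encryption key size this device will accept
    max_octets: int = 16     # largest key size; 16 octets is the protocol ceiling


LEGACY_POLICY = KeySizePolicy(min_octets=1)     # what the specification permitted pre-fix
HARDENED_POLICY = KeySizePolicy(min_octets=7)   # the updated Core Specification recommendation


def negotiate(initiator: KeySizePolicy, responder: KeySizePolicy,
              tamper: Optional[int] = None) -> Optional[int]:
    """Return the agreed key size in octets, or None if negotiation is refused.

    `tamper`, when set, is the value an on-path device substitutes for the
    initiator's proposal before it reaches the responder.
    """
    proposal = initiator.max_octets       # honest initiator asks for the most it supports
    if tamper is not None:
        proposal = tamper                 # proposal altered in transit
    if proposal < responder.min_octets:
        return None                       # responder refuses: below its floor
    agreed = min(proposal, responder.max_octets)
    if agreed < initiator.min_octets:
        return None                       # initiator refuses the value that comes back
    return agreed


def brute_force_keyspace(key_octets: int) -> int:
    """Number of candidate keys an eavesdropper must try for a key of this size."""
    return 2 ** (8 * key_octets)


if __name__ == "__main__":
    for label, policy in (("legacy", LEGACY_POLICY), ("hardened", HARDENED_POLICY)):
        size = negotiate(policy, policy, tamper=1)
        effort = brute_force_keyspace(size) if size else None
        print(f"{label}: tampered proposal of 1 octet -> agreed={size}, keyspace={effort}")
```

With the legacy policy the tampered negotiation yields a 1-octet key and a search space of only 256 candidates; with the 7-octet floor the same proposal is refused, and even an attacker who forces the negotiation down to exactly 7 octets faces 2^56 candidates.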
The security researchers who disclosed KNOB have warned it is "a serious threat to the security and privacy of all Bluetooth users—we were surprised to discover such fundamental issues in a widely used and 20 years old standard." They criticise the ambiguity in standards enforcement and the accountability for security.
And for users—"as always, Bluetooth users should ensure they have installed the latest recommended updates from device and operating system manufacturers." As ever with IoT, the issue is that you're less likely to update the firmware on a Bluetooth device than a computer, and that's now an issue you need to think about.