August 16, 2019 | 12:11
Researchers have released details of a major security vulnerability in the Bluetooth standard, allowing malicious entities to force extremely low entropy on encryption key exchange and easily monitor communications.
A short-range radio standard popular for everything from keyboards and mice to smartphone headsets, Bluetooth is ubiquitous. According to researchers Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen, however, it has a serious security flaw in its core design: A means by which an attacker can reduce the entropy of a negotiated encryption key to just one byte, making it trivially crackable using brute-force approaches and allowing them to monitor supposedly-private communications.
Dubbed the Key Negotiation of Bluetooth Attack or, in what must have provided a few moments of amusement for the researchers, the KNOB Attack, the vulnerability affects any device which properly adheres to the Bluetooth Basic Rate/Enhanced Data Rate (Bluetooth BR/EDR) standard - which is, effectively, anything which talks Bluetooth but isn't limited to the newer Bluetooth Low Energy (BLE) standard.
'The attack allows a third party, without knowledge of any secret material (such as link and encryption keys), to make two (or more) victims agree on an encryption key with only 1 byte (8 bits) of entropy. Such low entropy enables the attacker to easily brute force the negotiated encryption keys, decrypt the eavesdropped ciphertext, and inject valid encrypted messages (in real-time),' the trio explain. 'The attack is stealthy because the encryption key negotiation is transparent to the Bluetooth users. The attack is standard-compliant because all Bluetooth BR/EDR versions require to support encryption keys with entropy between 1 and 16 bytes and do not secure the key negotiation protocol. As a result, the attacker completely breaks Bluetooth BR/EDR security without being detected..'
The flaw isn't limited to any one manufacturer, having its origins in the very standard itself. The Bluetooth Special Interest Group was notified late last year, before the public notification this week, and vendors given a chance to add workarounds to the flaw. 'If your device was not updated after late 2018,' the team warns, 'it is likely vulnerable. Devices updated afterwards might be fixed.'
October 14 2021 | 15:04