Encryption vulnerability in various Bluetooth implementations
The lack of Bluetooth protocol has been overlooked for more than a decade, but thunder still struck. Check your devices!
Israeli scientists Eli Biham Lior and Newman have discovered a serious cryptographic vulnerability in the specification of the Bluetooth standard. The breach allows an attacker to carry out a man-in-the-middle attack to intercept and replace encryption keys during a connection between two devices. The problem is related to insufficient verification of security parameters and affects the implementation of the protocol in vendor device drivers such as Apple, Qualcomm, Intel and Broadcom, and many others.
The vulnerability numbered CVE-2018-5383 , announced by the Bluetooth SIG, potentially allows attackers to intervene in the pairing process of two devices via Bluetooth.
')
Image digit.in
During the pairing process, the devices “agree” on the creation of a shared private key, which will later be used to encrypt data. The initial data exchange takes place over an unsecured radio channel within the elliptic-curve Diffie-Hellman protocol (ECDH).
During pairing, two devices establish relationships by creating a shared secret known as the link key. If both devices store the same communication key, they are called paired or paired. A device that wants to communicate only with a paired device can cryptographically authenticate the identifier of the other device, ensuring that it is the same device it was previously paired with. After the communication key is created, communication over the Asynchronous Connection-Less (ACL) communication protocol between devices can be encrypted to protect the exchange data from eavesdropping. The user can optionally delete the communication keys from the device he owns, which breaks the pairing between devices. Therefore, the second device from the former “pair” of the device may still store the communication key for the device with which it is no longer associated.
Israeli researchers have found that in many cases, the parameters of the elliptic curve used for encryption are too simple. This omission allows an unauthorized attacker who is in the signal receiving area to substitute an incorrect public key during the pairing process of Bluetooth devices and with a high probability of imposing a session key used to encrypt the communication channel.
Image of arstechnica.com
Vulnerability exploitation seems to be rather difficult, but quite real, especially in combination with social engineering and low qualification of potential victims. The hacker must be located in a fairly small area (a few meters) of the confident reception of the Bluetooth signal of both attacked devices. However, if successful, the hacker gets the most opportunities for malicious activity.
The cause of the vulnerability is the presence in the Bluetooth specification of only optional recommendations for checking public keys when pairing devices in Bluetooth LE Secure Connections and Bluetooth Secure Simple Pairing modes. Currently, the Bluetooth SIG team has already corrected the specification and led the procedure for verifying any public keys to the category of mandatory, and added verification of compliance with the new requirement in the certification tests.
Vulnerability is present in the firmware and drivers from various manufacturers, including,
but not limited to vendors such as Apple, Broadcom, QUALCOMM and Intel. Fortunately for MacOS users, Apple released a fix for the bug as early as July 23.
Dell has released a new driver for modules based on Qualcomm , which it uses, while the Lenovo emergency update is for devices with Intel modules .
LG and Huawei mentioned the vulnerability CVE-2018-5383 in their bulletins for July updates for mobile devices.
It is not yet known whether the vulnerability is affected by Android, Google or the Linux kernel in a global way. This is not mentioned in the July Google Android Security Bulletin or earlier bulletins.
Although Microsoft said that the Windows system is not directly affected, Intel has published lists of numerous wireless modules whose software for Windows 7, 8.1 and 10, as well as for computers based on Chrome OS and Linux, is vulnerable.
It is worth remembering that if your mobile device is older than two or three years, it may also be susceptible to this and other Bluetooth vulnerabilities, but remain without a security patch from the manufacturer. It is recommended not to keep Bluetooth on permanently without real need (and it’s better not to turn it on at all) and to pair the devices only in a safe environment.
Israeli scientists Eli Biham Lior and Newman have discovered a serious cryptographic vulnerability in the specification of the Bluetooth standard. The breach allows an attacker to carry out a man-in-the-middle attack to intercept and replace encryption keys during a connection between two devices. The problem is related to insufficient verification of security parameters and affects the implementation of the protocol in vendor device drivers such as Apple, Qualcomm, Intel and Broadcom, and many others.
The vulnerability numbered CVE-2018-5383 , announced by the Bluetooth SIG, potentially allows attackers to intervene in the pairing process of two devices via Bluetooth.
')
Image digit.in
How to pair Bluetooth devices
During the pairing process, the devices “agree” on the creation of a shared private key, which will later be used to encrypt data. The initial data exchange takes place over an unsecured radio channel within the elliptic-curve Diffie-Hellman protocol (ECDH).
During pairing, two devices establish relationships by creating a shared secret known as the link key. If both devices store the same communication key, they are called paired or paired. A device that wants to communicate only with a paired device can cryptographically authenticate the identifier of the other device, ensuring that it is the same device it was previously paired with. After the communication key is created, communication over the Asynchronous Connection-Less (ACL) communication protocol between devices can be encrypted to protect the exchange data from eavesdropping. The user can optionally delete the communication keys from the device he owns, which breaks the pairing between devices. Therefore, the second device from the former “pair” of the device may still store the communication key for the device with which it is no longer associated.
What is the essence of vulnerability
Israeli researchers have found that in many cases, the parameters of the elliptic curve used for encryption are too simple. This omission allows an unauthorized attacker who is in the signal receiving area to substitute an incorrect public key during the pairing process of Bluetooth devices and with a high probability of imposing a session key used to encrypt the communication channel.
The attacking device needs to intercept the exchange of public keys, silence every transmission before it is received by the receiving party, send an acknowledgment of acceptance to the sending device, and then send the malicious data packet to the receiving device in a narrow time window.However, if only one of the connected devices is vulnerable, the attack is likely to fail. Having received the key, the attacker can intercept, decrypt and make changes to the Bluetooth traffic between two vulnerable devices.
Image of arstechnica.com
Vulnerability exploitation seems to be rather difficult, but quite real, especially in combination with social engineering and low qualification of potential victims. The hacker must be located in a fairly small area (a few meters) of the confident reception of the Bluetooth signal of both attacked devices. However, if successful, the hacker gets the most opportunities for malicious activity.
The cause of the vulnerability is the presence in the Bluetooth specification of only optional recommendations for checking public keys when pairing devices in Bluetooth LE Secure Connections and Bluetooth Secure Simple Pairing modes. Currently, the Bluetooth SIG team has already corrected the specification and led the procedure for verifying any public keys to the category of mandatory, and added verification of compliance with the new requirement in the certification tests.
Affected area
Vulnerability is present in the firmware and drivers from various manufacturers, including,
but not limited to vendors such as Apple, Broadcom, QUALCOMM and Intel. Fortunately for MacOS users, Apple released a fix for the bug as early as July 23.
Dell has released a new driver for modules based on Qualcomm , which it uses, while the Lenovo emergency update is for devices with Intel modules .
LG and Huawei mentioned the vulnerability CVE-2018-5383 in their bulletins for July updates for mobile devices.
It is not yet known whether the vulnerability is affected by Android, Google or the Linux kernel in a global way. This is not mentioned in the July Google Android Security Bulletin or earlier bulletins.
Although Microsoft said that the Windows system is not directly affected, Intel has published lists of numerous wireless modules whose software for Windows 7, 8.1 and 10, as well as for computers based on Chrome OS and Linux, is vulnerable.
Warning
It is worth remembering that if your mobile device is older than two or three years, it may also be susceptible to this and other Bluetooth vulnerabilities, but remain without a security patch from the manufacturer. It is recommended not to keep Bluetooth on permanently without real need (and it’s better not to turn it on at all) and to pair the devices only in a safe environment.
Source: https://habr.com/ru/post/418539/
All Articles