Decade-old Bluetooth Flaw Lets Hackers Steal Data Passing Between Devices
Serious error in the wireless protocol also lets hackers tamper with data.
A large number of device makers is patching a serious vulnerability in the Bluetooth specification that allows attackers to intercept and tamper with data exchanged wirelessly. People who use Bluetooth to connect smartphones, computers, or other security-sensitive devices should make sure they install a fix as soon as possible.
The attack, which was disclosed in a research paper published Wednesday, is serious because it allows people to perform a man-in-the-middle attack on the connection between vulnerable devices. From there, attackers can view any exchanged data, which might include contacts stored on a device, passwords typed on a keyboard, or sensitive information used by medical, point-of-sale, or automotive equipment. Attackers could also forge keystrokes on a Bluetooth keyboard to open up a command window or malicious website in an outright compromise of the connected phone or computer.
Bluetooth combines Simple Secure Pairing or LE Secure Connections with principles of elliptic curve mathematics to allow devices that have never connected before to securely establish a secret key needed for encrypted communications. The attack uses a newly developed variant of what cryptographers call an invalid curve attack to exploit a major shortcoming in the Bluetooth protocol that remained unknown for more than a decade. As a result, attackers can force the devices to use a known encryption key that allows the monitoring and modifying of data wirelessly passing between them.
“This attack lets an attacker who can read and modify Bluetooth traffic during pairing force the key to be something they know,” JP Smith, a security engineer and Bluetooth security expert at security firm Trail of Bits, told Ars. “It’s not mathematically/theoretically novel at all, and it’s in fact about the simplest attack you can do on elliptic curve cryptosystems. Notably, this is a protocol-level fault, so if you implemented the Bluetooth spec out of the book (without some optional validation), you have this bug.”
The active man-in-the-middle attack that allows data to be modified works successfully on 50 percent of the pairings, with the remainder failing. A related passive attack works on 25 percent of the pairings. Attackers who don't succeed on the first attempt are free to try on later pairings. Attacks work even when pairings require the user to type a six-digit number displayed on one device into the other one. Attacks require specialized hardware that probably wouldn’t be hard for more advanced hackers to build or obtain.
In the paper, researchers from Technion–Israel Institute of Technology write:
We would like to point out two major design flaws that make our attack possible. The first design flaw is sending both the x-coordinate and the y-coordinate during the public key exchange. This is unnecessary and highly inadvisable, since it greatly increases the attack surface, while calculating the y-coordinate from a given x-coordinate is simple.
The second major flaw is that although both coordinates of the public keys are sent during the second phase of the pairing, the protocol authenticates only the x-coordinate. We are not aware of any reason why the designers decided to leave the y-coordinate unauthenticated, other than for saving a tiny computational effort. Even though the point validity should be checked by the implementation, our attack could have also been avoided if both coordinates were authenticated.
Another less significant flaw is that in the protocol designers state that “To protect a device’s private key, a device should implement a method to prevent an attacker from retrieving useful information about the device’s private key using invalid public keys. For this purpose, a device can use one of the following methods.” In this quote, the specification uses the term “should” (as opposed to “must”). Therefore, implementors may skip the instruction as it is not mandatory for compliance with the specification.
A variety of devices and software—including those running macOS, iOS, or Android or made by LG or Huawei—have already received patches. In a FAQ, the researchers said Bluetooth from Microsoft “implements an old version of the standard, which is even less secure, rather than the broken contemporary standard.” An advisory from CERT is here.
For attacks to be successful, both of the paired devices must be vulnerable. That means as long as either one is patched, users aren’t susceptible. People who use Bluetooth to transmit sensitive data or control trusted devices should ensure they have installed patches on at least one of them. While patches are available for many mainstream devices, there are likely many more specialized ones used in hospitals, stores, and other environments that will remain unprotected for the foreseeable future. Users of these devices should check with manufacturers.
- Security Cloud Consultant, Design / Review / Advise, London
** Actively recruiting- Able to hire** Security Cloud Consultant, Design / Review / Advise with both technical design / architecture and information security (technical risk assessment) experience is needed to help a growing consultancy work with multiple clients on various security programmes. The responsibilities of the role will include, but not be limited to; Delivering high level security related design, discovering and advising against any security risk within a client’s current architecture, reviewing security architecture plans, design related consultation, technical review of architecture against policies. The Security Cloud Consultant, Design / Review / Advise, needs to have a broad Security Architecture experience including Cloud security Azure, Office265 / AWS is essential. Any of the following would be desirable, although not essential. AZ-500: Microsoft Azure Security Technologies AZ-303: Microsoft Azure Architect Technologies Travel will be required. Given the nature of the clients, the individual must be elidable to achieve UK Security clearance. Apply today for more information Chris.email@example.com https://www.linkedin.com/in/chrisholt1/ 07884666351
- eDiscovery Relativity Consultant
- Up to £65,000
REFCH7559 eDiscovery Relativity Consultant, Processing onwards, London, £65,000 London Experienced eDiscovery Relativity Consultant needed to join a London based client. The eDiscovery Relativity Consultant MUST have experience from the process stage onwards of the EDRM cycle. Processing, Review, Analysis, Production, Presentation. Experience optimising and improving analytics highly desirable. Identification and collection experience is useful but not essential. This individual commutable to London based as the role will be predominately office based Relativity Certified Administrator (RCA) Relativity Analytics Specialist Relativity Processing Specialist Relativity Certified User Relativity Infrastructure Specialist Fluency one or more European languages is desirable but not essential. Structured career progression available. All details kept in the strictest of confidence. Contact me on Chris.firstname.lastname@example.org 07884666351 or 02086634030
- Cyber Security Consultant, New Job, Devon, £60,000
Can interview and hire remotely without face to face. Cyber Security Consultant is needed in a client-facing consultancy role in the Devon area. Cyber Security Consultant needs to have a strong information security experience with a technical hands-on background. Travel will be involved with other clients, but a larger proportion of the time will be within the Devon area. This is a Security consultancy role so travel to other client site locations across the country will be expected. Broad InfoSec experience is desirable given the range of projects/programmes you will be involved in. The individual will be required to achieve or currently hold SC security clearance. Apply today. All details kept in the strictest of confidence. Chris.Holt@dclsearch.com 07884666351
- New Business Hunter - Cloud interconnect Services
- €75,000 + €75,000 OTE
Paris Reference RA 7376 Salary up to €75,000 plus 75,000 OTE New Business Hunter - Cloud Interconnect Services A new business hunter is required for this expanding Cloud Connect Services company who are looking to expand their presence within the French Market. They are looking for the right individual who enjoys targeting and winning large enterprise clients, You will be responsible for developing and managing a sales pipeline (qualification of leads, prospecting, monitoring of opportunities, closing ...) in order to go in search of future customers This is a great opportunity to join a rapidly growing business, where you will have the opportunity to become a key member of the Paris team, you will be selling a solution that is in high demand at the moment and will only become more in demand as more business adopt their cloud strategies The company currently has a number of large scale global enterprises as customers so you will have plenty of case studies to call upon. We are looking fr someone with proven new business skills, who can demonstrate new Logo accounts that they have won recently, you will need to be selling either telecom or cloud solutions and have a good understanding on connectivity services