SoylentNews

upstart writes in with an IRC submission:

Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices:

Academic researchers have uncovered security vulnerabilities in Bluetooth Classic that allows attackers to spoof paired devices: They found that the bugs allow an attacker to insert a rogue device into an established Bluetooth pairing, masquerading as a trusted endpoint. This allows attackers to capture sensitive data from the other device.

The bugs allow Bluetooth Impersonation Attacks (BIAS) on everything from internet of things (IoT) gadgets to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne (EPFL) in France. The flaws are not yet patched in the specification, though some affected vendors may have implemented workarounds.

"We conducted BIAS attacks on more than 28 unique Bluetooth chips (by attacking 30 different devices)," the researchers said. "At the time of writing, we were able to test chips from Cypress, Qualcomm, Apple, Intel, Samsung and CSR. All devices that we tested were vulnerable to the BIAS attack."

The issue lies in the pairing/bonding protocols used in the specification. When two Bluetooth devices are paired for the first time, they exchange a persistent encryption key (the "long-term key") that will then be stored, so that the endpoints are thereafter bonded and will connect to each other without having to perform the lengthier pairing process every time.

For the attacks to be successful, an attacking device would need to be within wireless range of a vulnerable Bluetooth device that has previously established bonding with a remote device with a Bluetooth address known to the attacker.

The post-pairing connections are enabled because the devices – let's call them Alice and Bob – perform a background check to make sure both possess the long-term key. This is done using the Legacy Secure Connections or Secure Connections protocols inside the Bluetooth specification, which verify three things: Alice's Bluetooth address, Bob's Bluetooth address and the shared long-term key.

As the researchers explained in their paper released on Monday, an attacker (let's call him Charlie) can change his Bluetooth address to mimic either Alice or Bob's address (uncovered via simple eavesdropping), but he cannot prove the ownership of [the long-term key]." The researchers explained, "this is the fundamental assumption behind Bluetooth's authentication guarantees, and this assumption should protect against impersonation attacks."

They added, "Both procedures authenticate [the long-term key] using a challenge-response protocol, and the procedure selection depends on Alice and Bob' supported features. The standard claims that both procedures protect secure connection establishment against impersonation attacks, as an attacker who does not know [the long-term key] cannot provide a correct response to a challenge."

However, several bugs exist in these processes, they found, opening the door for BIAS gambits while that post-pairing connection is being carried out. The problems include: The Bluetooth secure connection establishment is neither encrypted nor integrity-protected; Legacy Secure Connections secure connection establishment does not require mutual authentication; a Bluetooth device can perform a role switch anytime after baseband paging; and devices who paired using Secure Connections can use Legacy Secure Connections during secure connection establishment.

Original Submission