Bluetooth is down: BIAS attacks threaten all mainstream Bluetooth chips
Because of defects in the Bluetooth security protocol itself, mainstream Bluetooth chips from companies including Apple, Intel, Samsung, Qualcomm and CSR are exposed to BIAS impersonation attacks.
Researchers at the Swiss Federal Institute of Technology in Lausanne (EPFL) have discovered a security vulnerability in Bluetooth Classic that could allow an attacker to spoof paired devices, insert a malicious device into an established Bluetooth pairing, and masquerade as a trusted endpoint. This could allow an attacker to capture sensitive data from other devices.
The vulnerability is said to expose everything from Internet of Things (IoT) devices to mobile phones and laptops to Bluetooth Impersonation Attacks (BIAS). It has not yet been fixed in the Bluetooth specification, although some affected vendors may already have taken remediation measures.
The researchers said:
We performed BIAS attacks on 28 unique Bluetooth chips (30 different devices). At the time of writing, we tested chips from Cypress, Qualcomm, Apple, Intel, Samsung, and CSR. All devices tested were vulnerable to BIAS attacks.
The root of the problem lies in the pairing/bonding protocol used in the Bluetooth specification. When two Bluetooth devices are paired for the first time, they exchange a persistent encryption key ("long-term key") that is then stored to allow the endpoints to bond thereafter and connect to each other without having to go through the lengthy pairing process again.
For the attack to be successful, the attacking device must be within wireless range of a vulnerable Bluetooth device and the attacker must already know the Bluetooth address of a device that the device has previously paired with (Editor's note: obtaining such addresses is fairly easy).
Reconnection after pairing works because the two devices (call them Alice and Bob) perform a check in the background to confirm that both possess the long-term key. This check is done with the Legacy Secure Connections or Secure Connections procedure of the Bluetooth specification, which verifies three things: Alice's Bluetooth address, Bob's Bluetooth address, and the shared long-term key.
In other words, Bluetooth relies on Legacy Secure Connections or Secure Connections to verify the Bluetooth addresses and the shared long-term key of both parties in a Bluetooth connection.
But as the researchers explain in a paper released this week:
An attacker can change its Bluetooth address to mimic the Bluetooth address of either party in a Bluetooth communication, but cannot provide the long-term key, which is the basis of Bluetooth authentication and is also considered to be able to prevent spoofing attacks.
However, the researchers found bugs in the verification procedure of the protocol above that leave the post-pairing connection open to BIAS spoofing attacks. The issues they identified are: Bluetooth secure connection establishment is neither encrypted nor integrity protected; Legacy Secure Connections establishment does not require mutual authentication; Bluetooth devices can perform a role switch at any time after baseband paging; and devices paired with Secure Connections can fall back to Legacy Secure Connections while the secure connection is being established.
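The unilateral check in the legacy procedure, and the mutual-authentication fix the SIG later announced, as an added illustrative model (not code from the paper or from any Bluetooth stack): it replaces the real E1 authentication function with HMAC-SHA256 and uses constructed addresses and keys, so it shows only the logic of who gets challenged, not the Bluetooth protocol itself.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional

def auth_response(link_key: bytes, challenge: bytes, claimant_addr: bytes) -> bytes:
    """Stand-in for Bluetooth's E1 function: a keyed MAC over the challenge and the
    claimant's address (HMAC-SHA256 is an assumption, not the real algorithm)."""
    return hmac.new(link_key, challenge + claimant_addr, hashlib.sha256).digest()[:4]

@dataclass
class Device:
    addr: bytes                # Bluetooth address (constructed sample values below)
    link_key: Optional[bytes]  # long-term key from pairing; None = not in possession

    def respond(self, challenge: bytes) -> Optional[bytes]:
        """Claimant side: prove possession of the link key for this address."""
        if self.link_key is None:
            return None        # an impersonator cannot compute a valid response
        return auth_response(self.link_key, challenge, self.addr)

    def verify(self, peer: "Device") -> bool:
        """Verifier side: challenge the peer and check its response with our own key."""
        if self.link_key is None:
            return True        # a bogus verifier checks nothing and simply proceeds
        challenge = os.urandom(16)
        expected = auth_response(self.link_key, challenge, peer.addr)
        resp = peer.respond(challenge)
        return resp is not None and hmac.compare_digest(resp, expected)

def legacy_auth(master: Device, slave: Device) -> bool:
    """Legacy Secure Connections as described above: only the master challenges the
    slave, so a peer that obtains the master role is never asked to prove anything."""
    return master.verify(slave)

def mutual_auth(a: Device, b: Device) -> bool:
    """Hardened procedure the SIG announced: both sides must prove key possession."""
    return a.verify(b) and b.verify(a)

# Constructed sample values: Alice and Bob share a link key; the impersonator knows
# only Bob's address and holds no key.
KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
ALICE = Device(addr=bytes.fromhex("aa1122334455"), link_key=KEY)
BOB = Device(addr=bytes.fromhex("bb6677889900"), link_key=KEY)
FAKE_BOB = Device(addr=BOB.addr, link_key=None)
```

With `legacy_auth`, a keyless peer holding the master role is accepted because nobody challenges it; with `mutual_auth`, Alice's own challenge exposes it.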
According to the paper, several attack scenarios are possible, especially for device pairs that bonded using the older Legacy Secure Connections procedure.
According to CERT's security advisory, BIAS spoofing attacks can also be combined with the Key Negotiation of Bluetooth (KNOB) attack, which would give an attacker full access to a paired device.
Last August, the KNOB attack, which can brute-force Bluetooth communication keys, was disclosed.
According to CERT, the KNOB method allows an attacker to "impersonate a Bluetooth device, authenticate without possessing the communication key, negotiate a session key with low entropy, establish a secure connection, and brute-force the session key."
The Bluetooth Special Interest Group (SIG) said in a notification that it will update the Bluetooth core specification to define clearly when a role switch is allowed, to require mutual authentication when legacy authentication is used, and to recommend checking the encryption type to avoid encryption downgrades.
"Until now, the Bluetooth SIG strongly recommends that vendors ensure that Bluetooth encryption keys are no less than 7 characters long. Bluetooth hosts are required to enforce mutual authentication when performing legacy authentication and to support connecting in secure mode only when possible. Bluetooth devices must not independently signal a change in device trust without first establishing an encrypted connection."
Finally, the researchers said that, at present, any Bluetooth device that complies with the standard is vulnerable to the attack.
According to the BIAS website, some vendors may have deployed mitigations after the attack was first disclosed to them in 2019, so a Bluetooth device that has not been updated since December 2019 is more exposed to BIAS attacks.
BIAS, Bluetooth Impersonation Attacks:
https://francozappa.github.io/about-bias/publication/antonioli-20-bias/antonioli-20-bias.pdf
https://francozappa.github.io/about-bias/