A large number of device manufacturers patch a serious vulnerability in the Bluetooth specification that allows attackers to intercept and manipulate wirelessly exchanged data. Users who use Bluetooth to connect smartphones, computers, or other security-sensitive devices should make sure they install a fix as soon as possible.
The attack, published in a study released Wednesday, is serious because it allows people to perform a man-in-the-middle attack on the connection between vulnerable devices. From there, attackers can view all exchanged data, such as: For example, contacts stored on a device, passwords typed on a keyboard, or sensitive information used by medical devices, points of sale, or vehicles. Attackers could also fake keystrokes on a Bluetooth keyboard to open a command window or malicious Web site that directly compromises the connected phone or computer.
Bluetooth combines simple secure coupling or LE-proof connections with principles of elliptical English: www.weisang.info/index.php?id=1
"This attack allows an attacker to read and change the Bluetooth traffic during pairing, something they know," said JP Smith, a security engineer and Bluetooth security expert at the security firm Trail of Bits, on Ars. "It's not mathematically / theoretically novel at all, and it's actually the simplest attack you can do on elliptic-curve cryptosystems, noteworthy if it's a protocol-level error, so if you implement the Bluetooth specification from within the book have this error (without an optional validation). "
The active man-in-the-middle attack that allows data to be changed works successfully on 50 percent of the pairings, with the remainder failing. A related passive attack works on 25 percent of the pairings. Attackers who are unsuccessful on the first try may try on more pairings later. Attacks work even when paired, the user must enter a six-digit number on one device in the other. Attacks require specialized hardware that would probably not be difficult to build or obtain for more advanced hackers.
In the article, researchers from the Technion-Israel Institute of Technology write:
We would like to highlight two major flaws making our attack possible. The first design error is sending both the x-coordinate and the y-coordinate during public key exchange. This is unnecessary and highly inconvenient, since it greatly increases the attack surface, while the calculation of the y-coordinate from a given x-coordinate is easy.
The second major flaw is that while both coordinates of the public key are paired during the second phase of the pairing, the protocol only authenticates the x coordinate. We do not know why the designers decided not to have the y-coordinate authenticated, except that they saved a tiny bit of computational overhead. Although the point validity should be checked by the implementation, our attack could also have been avoided if both coordinates were authenticated.
Another less significant flaw is that the protocol designers say, "To protect a device's private key, a device should implement a method that prevents an attacker from using useful private key information through the private key To do this, a device can use one of the following methods. "In this quote, the specification uses the phrase" should "(as opposed to" must "). Therefore, the implementers may skip the command, as this is not required for compliance with the specification.
A variety of devices and software – including those running macOS, iOS or Android or LG or Huawei – have already received patches. In a FAQ, the researchers explained that Bluetooth from Microsoft "implements an old version of the standard that is even less secure than the broken contemporary standard." A recommendation from CERT is here.
For successful attacks, both paired devices must be vulnerable. That is, as long as both are patched, users are not vulnerable. People using Bluetooth to transfer sensitive data or control trusted devices should ensure that patches are installed on at least one of them. While patches are available for many mainstream devices, many more specialized ones are likely to be used in hospitals, stores, and other environments that are not protected for the foreseeable future. Users of these devices should contact the manufacturers.