WAC3 Talk About KNOB and BIAS Attacks
I’m glad to give a talk about the
on Bluetooth at the third
Workshop on Attacks in Cryptography (WAC)
CRYPTO 2020. The Workshop will be held online on Zoom the 16th of August 2020, and my talk will be from 13:20 to 14:00 (EDT) in the Attacks on Standards session (session IV).
This is the talk abstract:
Bluetooth is a ubiquitous technology for low power wireless communications. Bluetooth runs on billions of devices including mobile, wearables, home automation, smart speakers, headsets, industrial and medical appliances, and vehicles. As a result, Bluetooth’s attack surface is huge and includes significant threats such as identity thefts, privacy violations, and malicious device control.
Bluetooth is a complex technology specified in an open standard. The standard defines two wireless stacks Bluetooth Classic for high throughput services (e.g., audio and voice) and Bluetooth Low Energy (BLE) for very low power services (e.g., localization, and monitoring). The standard defines security mechanisms to protect the confidentiality, integrity, and authenticity of Bluetooth communications. Those mechanisms include pairing to share a long term key among two devices, and secure session establishment to let two paired devices negotiate session keys to protect their communication. A single vulnerability in a standard-compliant security mechanism translates into billions of exploitable devices.
This talk reviews several standard-compliant vulnerabilities that we recently uncovered on the key negotiation and authentication mechanisms of Bluetooth Classic and BLE. We also describe how to exploit such vulnerabilities to perform key negotiation attacks on Bluetooth Classic and BLE (KNOB attacks, CVE-2019-9506) and impersonation attacks on Bluetooth Classic (BIAS attacks, CVE-2020-10135). The attacks are presented together with a detailed description of the Bluetooth treat model and the affected security mechanism. We also explain how we implemented such attacks using low-cost hardware and open-source software and how we evaluated them on actual devices from the major vendors including Apple, Broadcom, Cypress, CSR, Google, Intel, Microsoft, and Qualcomm. Finally, we describe how the Bluetooth standard was amended after the disclosure of our attacks, our proposed countermeasures, and why most of the Bluetooth devices are still vulnerable to our attacks.
For more details about the KNOB and BIAS attacks have a look at the related research papers:
- The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR, USENIX Security 2019.
- Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy, ACM TOPS 2020.
- BIAS: Bluetooth Impersonation AttackS, IEEE S&P 2020.
Please join the virtual WAC, and thanks Eyal Ronen and Mathy Vanhoef for organizing it and for the invitation!