
In 2019 we disclosed two families of high impact attacks affecting the entropy negotiation protocols of Bluetooth Classic (BC) and Bluetooth Low Energy (BLE). We named the attacks Key Negotiation of Bluetooth (KNOB) attacks. They are tracked as CVE-2019-9506.
Our first work, titled The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR, explains how to exploit BC’s entropy negotiation to downgrade the entropy of a Bluetooth security key to 1 byte and then brute-force it.
In a follow-up work, titled Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy, we also analyzed BLE and found that it is vulnerable to the KNOB attacks as well. In this case the attacker can downgrade the entropy of a BLE security key to 7 bytes and then brute-force it.
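The downgrade described above, as an added illustration that is not code from the KNOB papers: a simplified model in which each side states a key size in octets and the smaller value wins, so a negotiation that accepts any transport-legal size lands at 1 octet for BC and 7 octets for BLE, while a device whose policy enforces a floor refuses the downgraded proposal. The `policy_min` values and the `Negotiator` class are constructed for this example, not taken from any specification or implementation.

```python
"""Simplified model of Bluetooth encryption-key-size (entropy) negotiation.

Constructed illustration only. The negotiation is modelled as "both sides
state a size in octets and the smaller one wins"; the policy floor is an
assumed device setting, not a value from the Bluetooth specification.
"""
from dataclasses import dataclass

BC_SIZES = range(1, 17)   # Bluetooth Classic permits 1..16 octets
BLE_SIZES = range(7, 17)  # Bluetooth Low Energy permits 7..16 octets


@dataclass
class Negotiator:
    name: str
    allowed: range   # key sizes the transport permits
    policy_min: int  # smallest size this device's local policy accepts (assumed)

    def agree(self, peer_proposal: int, own_proposal: int = 16) -> int:
        """Return the agreed size, or raise if the result violates policy."""
        if peer_proposal not in self.allowed:
            raise ValueError(f"{self.name}: {peer_proposal} octets is outside the transport range")
        agreed = min(peer_proposal, own_proposal)
        if agreed < self.policy_min:
            raise ValueError(f"{self.name}: refusing {agreed}-octet key (policy minimum {self.policy_min})")
        return agreed


def brute_force_work(key_octets: int) -> int:
    """Number of candidate keys for a key carrying key_octets bytes of entropy."""
    return 2 ** (8 * key_octets)


def run_negotiation(dev: Negotiator, downgraded_proposal: int) -> dict:
    """Feed a downgraded peer proposal to dev and report what it accepted."""
    try:
        size = dev.agree(downgraded_proposal)
        return {"accepted": True, "octets": size, "work": brute_force_work(size)}
    except ValueError as err:
        return {"accepted": False, "reason": str(err)}


if __name__ == "__main__":
    legacy_bc = Negotiator("BC legacy", BC_SIZES, policy_min=1)
    hardened_bc = Negotiator("BC hardened", BC_SIZES, policy_min=16)
    ble = Negotiator("BLE", BLE_SIZES, policy_min=7)
    print(run_negotiation(legacy_bc, 1))    # accepted: 256 candidate keys
    print(run_negotiation(hardened_bc, 1))  # refused by the policy floor
    print(run_negotiation(ble, 7))          # accepted: 2**56 candidate keys
```

The BLE case shows that even the transport's own lower bound leaves a brute-forceable 56-bit search space, which is why the negotiated size, not just the transport range, is the value to monitor.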
USENIX Security 2019 Paper Presentation
Bluetooth blues: KNOB attack explained. — Research Saturday
BIAS + KNOB attack against Bluetooth IACR Attacks in Crypto
From Bluetooth Standard to Standard Compliant 0-days Hardwear.io
Related
Publications
Events
Talk on Automotive Bluetooth Security at AMUSEC'25.
Cars are some of the most security-critical consumer devices. On the one hand, owners expect rich infotainment features, including audio, hands-free calls, contact management, or navigation through their connected mobile phone. On the other hand, the infotainment unit exposes exploitable wireless attack surfaces. This talk focuses on protocol-level Bluetooth threats on vehicles, a critical but unexplored wireless attack surface. These threats are crucial because they are portable across vehicles, and they can achieve impactful goals, such as accessing sensitive data or even taking remote control of the vehicle. Their evaluation is novel as prior work focused on other wireless attack surfaces, notably Bluetooth implementation bugs. Among relevant protocol-level threats, we pick the KNOB and BIAS attacks because they provide the most effective strategy to impersonate arbitrary Bluetooth devices and are not yet evaluated against vehicles.
In this talk we will explore recent research on real-world wireless security protocols. We will cover standard protocols, such as Bluetooth pairing and session establishment, and proprietary ones, such as the IoT application-layer protocols used to secure traffic between companion mobile applications and electric scooters or fitness trackers.
Keynote given at ACSW'24 (EuroS&P Workshop) covering Automotive Bluetooth Security and E-Spoofer.