Tuesday, March 2, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

New Bluetooth Vulnerability Lets Attackers Spy On Encrypted Connections

August 15, 2019
in Internet Privacy
New Bluetooth Vulnerability Lets Attackers Spy On Encrypted Connections
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Over a billion Bluetooth-enabled devices, including smartphones, laptops, smart IoT devices, and industrial devices, have been found vulnerable to a high severity vulnerability that could allow attackers to spy on data transmitted between the two devices.

The vulnerability, assigned as CVE-2019-9506, resides in the way ‘encryption key negotiation protocol’ lets two Bluetooth BR/EDR devices choose an entropy value for encryption keys while pairing to secure their connection.

You might also like

Chinese Hackers Targeted India’s Power Grid Amid Geopolitical Tensions

Why do companies fail to stop breaches despite soaring IT security investment?

Gootkit RAT Using SEO to Distribute Malware Through Compromised Sites

Referred to as the Key Negotiation of Bluetooth (KNOB) attack, the vulnerability could allow remote attackers in close proximity to targeted devices to intercept, monitor, or manipulate encrypted Bluetooth traffic between two paired devices.

The Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate, also known as “Bluetooth Classic”) is a wireless technology standard that has typically been designed for relatively short-range, continuous wireless connection such as streaming audio to headsets or portable speakers.

From the security point of view, the core specification of Bluetooth BR/EDR protocol supports encryption keys with entropy between 1 and 16 bytes/octets, where the higher value means more security.

However, researchers find that the entropy negotiation, which devices perform over the Link Manager Protocol (LMP), is neither encrypted nor authenticated, and can be hijacked or manipulated over-the-air.

How Does Bluetooth BR/EDR Key Negotiation Vulnerability Works?

The newly discovered Bluetooth vulnerability could allow a remote attacker to trick two targeted devices into agreeing on an encryption key with only 1 byte (8 bits) of entropy, eventually making it easy to brute-force the negotiated encryption keys.

“For example, assume that there are two controllers attempting to establish a connection: Alice and Bob. After authenticating the link key, Alice proposes that she and Bob use 16 bytes of entropy. This number, N, could be between 1 and 16 bytes. Bob can either accept this, reject this and abort the negotiation, or propose a smaller value,” explains an advisory published by the CERT Coordination Center.

“Bob may wish to propose a smaller N value because he (the controller) does not support the larger amount of bytes proposed by Alice. After proposing a smaller amount, Alice can accept it and request to activate link-layer encryption with Bob, which Bob can accept.”

However, by exploiting the reported vulnerability “an attacker, Charlie, could force Alice and Bob to use a smaller N by intercepting Alice’s proposal request to Bob and changing N.”

Once decrypted, the attacker can passively capture encrypted messages being transmitted over the Bluetooth traffic, decrypt the ciphertext and inject valid valid ciphertext, all in real-time and stealthy.

Besides this, it is also important to note that, for an attack to be successful:

  • both Bluetooth devices must be establishing a BR/EDR connection,
  • both Bluetooth devices must be vulnerable to this flaw,
  • the attacker should be able to block direct transmissions between devices while pairing, and
  • the attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked.

Moreover, the official advisory released by Bluetooth.com also says, “Since not all Bluetooth specifications mandate a minimum encryption key length, it is possible that some vendors may have developed Bluetooth products where the length of the encryption key used on a BR/EDR connection could be set by an attacking device down to a single octet.”

Affected Vendors/Software/OS and Patch Updates

This vulnerability was discovered by a team of researchers including Daniele Antonioli from SUTD, Dr. Nils Ole Tippenhauer from CISPA and Prof. Kasper Rasmussen from the University of Oxford.

“We evaluate the KNOB attack on more than 14 Bluetooth chips from different vendors such as Intel, Broadcom, Apple, and Qualcomm. All the chips accept 1 byte of entropy except the Apple W1 chip that accepts (at least) 7 bytes of entropy,” the researchers said in a detailed paper [PDF] released yesterday.

To mitigate KNOB attack, the maintainers of the Bluetooth specifications have strongly recommended device manufacturers and software vendors to enforce a minimum encryption key length of 7 octets for BR/EDR connections.

To patch this vulnerability, various affected vendors have already started releasing security updates for their operating systems, firmware, and software, including:


Credit: The Hacker News By: noreply@blogger.com (Unknown)

Previous Post

Free book - Containerize your Apps with Docker and Kubernetes and impact of containers for AI on Edge devices

Next Post

Top security technology trends in 2019: Transforming the future of work in security

Related Posts

Chinese Hackers Targeted India’s Power Grid Amid Geopolitical Tensions
Internet Privacy

Chinese Hackers Targeted India’s Power Grid Amid Geopolitical Tensions

March 2, 2021
Why do companies fail to stop breaches despite soaring IT security investment?
Internet Privacy

Why do companies fail to stop breaches despite soaring IT security investment?

March 2, 2021
Gootkit RAT Using SEO to Distribute Malware Through Compromised Sites
Internet Privacy

Gootkit RAT Using SEO to Distribute Malware Through Compromised Sites

March 2, 2021
SolarWinds Blames Intern for Weak Password That Led to Biggest Attack in 2020
Internet Privacy

SolarWinds Blames Intern for Weak Password That Led to Biggest Attack in 2020

March 1, 2021
Cisco Releases Security Patches for Critical Flaws Affecting its Products
Internet Privacy

Cisco Releases Security Patches for Critical Flaws Affecting its Products

February 27, 2021
Next Post
Top security technology trends in 2019: Transforming the future of work in security

Top security technology trends in 2019: Transforming the future of work in security

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Australia’s new ‘hacking’ powers considered too wide-ranging and coercive by OAIC
Internet Security

Australia’s new ‘hacking’ powers considered too wide-ranging and coercive by OAIC

March 2, 2021
DSC Weekly Digest 01 March 2021
Data Science

DSC Weekly Digest 01 March 2021

March 2, 2021
The case for Bayesian Learning in mining
Machine Learning

The case for Bayesian Learning in mining

March 2, 2021
Scientists have built this ultrafast laser-powered random number generator
Internet Security

Scientists have built this ultrafast laser-powered random number generator

March 2, 2021
Companies in the Global Data Science Platforms Resorting to Product Innovation to Stay Ahead in the Game
Data Science

Companies in the Global Data Science Platforms Resorting to Product Innovation to Stay Ahead in the Game

March 2, 2021
Aries becomes next Hyperledger project graduating to active status
Blockchain

Aries becomes next Hyperledger project graduating to active status

March 2, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Australia’s new ‘hacking’ powers considered too wide-ranging and coercive by OAIC March 2, 2021
  • DSC Weekly Digest 01 March 2021 March 2, 2021
  • The case for Bayesian Learning in mining March 2, 2021
  • Scientists have built this ultrafast laser-powered random number generator March 2, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates