Researchers have discovered a flaw in some Bluetooth implementations that could allow an attacker to intercept or tamper with data exchanged between two vulnerable devices.
The cryptographic bug, tracked as CVE-2018-5383, has been identified by scientists at the Israel Institute of Technology. It impacts two related Bluetooth features: Secure Simple Pairing and LE Secure Connections.
The Bluetooth Special Interest Group (SIG), which is the governing body behind the Bluetooth standard, explained that some Bluetooth implementations or operating system software drivers fail to validate the public encryption key received over-the-air during device pairing.
To be sure, such a check is not required, but only recommended by the Bluetooth specification. Or, rather, it was, as SIG has also announced an update to the Bluetooth specification to the effect that all parameters used for public key-based Bluetooth connections are required to be validated.
The US CERT Coordination Center (CERT/CC) released additional details about the vulnerability, explaining that Bluetooth’s device-pairing mechanism relies on elliptic-curve Diffie-Hellman (ECDH) key exchange. “The ECDH key pair consists of a private and a public key, and the public keys are exchanged to produce a shared pairing key. The devices must also agree on the elliptic curve parameters being used,” reads the advisory.
“In some implementations, the elliptic curve parameters are not all validated by the cryptographic algorithm implementation, which may allow a remote attacker within wireless range to inject an invalid public key to determine the session key with high probability. Such an attacker can then passively intercept and decrypt all device messages, and/or forge and inject malicious messages,” according to CERT/CC.
All’s not lost
Software and firmware updates are expected over the coming weeks, said CERT/CC, so users are well-advised to stay tuned for fixes from vendors.
Apple, Broadcom, and Intel have all confirmed the flaw, and the first two have already released patches. Qualcomm’s chipsets are also listed as affected in CERT/CC’s advisory, while the implications for Android, Google, and Linux kernel vis-à-vis the vulnerability have yet to be determined. Windows is in the clear.
As per SIG, the bug is not known to have been exploited in the wild. Either way, such a man-in-the-middle attack would require the perpetrators to place themselves within the range of both targeted Bluetooth-enabled devices that are going through the pairing procedure. In addition, both devices need to be vulnerable for the attack to succeed.
Arguably, the easiest countermeasure is turning Bluetooth off whenever you’re not using it.