Researchers have found a flaw in Bluetooth’s authentication protocols which can be exploited in a clever, man-in-the-middle attack between two paired devices. The issue affects almost all Bluetooth devices, but fortunately for everyone, there are no signs that it’s been used in the wild so far.
A newly discovered vulnerability in the Bluetooth protocol shows how a malicious actor can reduce the encryption strength for the keys used in the pairing of Bluetooth devices and gain complete control over them as a result. The flaw has been acknowledged by the official body that’s in charge of the Bluetooth standard, and is serious enough that it required a change to the official specification.
The way it works is quite creative: instead of trying to brute-force a pairing with your device, an attacker could instead try to interfere with the normal pairing procedure, when both devices have to agree on the connection using an exchange of public keys that verify their identities. These keys change every time, but if the attacker can guess them fast enough, they can force a shorter encryption key for the next pairing, as low as a single octet — which is the size of one character.
The flaw was discovered by researchers from the Singapore University of Technology and Design, Oxford, and CISPA Helmholtz Center for Information Security, who dubbed it KNOB, short for “Key Negotiation of Bluetooth.” The tests were conducted on more than 17 different Bluetooth chips that are common in consumer products, and all of them were vulnerable to the KNOB attack.
The findings were presented at the USENIX Security Symposium, and while Bluetooth Low Energy isn’t affected by KNOB, traditional Bluetooth chips from major manufacturers like Intel, Broadcom, Qualcomm, Chicony and even Apple are vulnerable to the attack. The reason it was deemed as a serious flaw is that victims of a KNOB attack are none the wiser about it. It’s also worth noting that it even works on previously paired devices, provided that both are vulnerable.
On the upside, the whole attack is a race against time, and the hacker would have to be in range of the two devices at the exact moment the pairing takes place. Then, they’d have to “intercept, manipulate, and retransmit key length negotiation messages between the two devices while also blocking transmissions from both,” which is as challenging as it sounds. And the attack needs to be repeated this way every time encryption gets enabled.
Bluetooth SIG notes there is no evidence that anyone has exploited the vulnerability in the wild, and while all current Bluetooth BR/EDR devices are susceptible to it, there is an easy fix that Microsoft and Apple are already rolling out. The Bluetooth Core Specification has also been changed to require manufacturers to hardcode a minimum encryption key length of seven octets (characters) in future devices.
Earlier this year there was a similar revelation of a security flaw in the Bluetooth protocol that allows devices to be tracked using an easier exploit. And yet both vulnerabilities may be less of a reason to worry than the 10 percent tariffs that will reflect in the price of many devices imported in the US starting next month.