Publication

Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy

Daniele Antonioli
2020
Journal Articles

Abstract

Bluetooth (BR/EDR) and Bluetooth Low Energy (BLE) are pervasive wireless technologies specified in the Bluetooth standard. The standard includes key negotiation protocols used to generate long-term keys (during pairing) and session keys (during secure connection establishment). In this work, we demonstrate that the key negotiation protocols of Bluetooth and BLE are vulnerable to standard-compliant entropy downgrade attacks. In particular, we show how an attacker can downgrade the entropy of any Bluetooth session key to 1 byte, and of any BLE long-term key and session key to 7 bytes. Such low entropy values enable the attacker to brute-force Bluetooth long-term keys and BLE long-term and session keys, and to break all the security guarantees promised by Bluetooth and BLE. As a result of our attacks, an attacker can decrypt all the ciphertext and inject valid ciphertext in any Bluetooth and BLE network.

Official source

https://infoscience.epfl.ch/entities/publication/bbcd6705-2b92-491c-beb4-b550ffea7c98

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Daniele Antonioli
2020
Journal Articles

Abstract

Official source

https://infoscience.epfl.ch/entities/publication/bbcd6705-2b92-491c-beb4-b550ffea7c98

About this result

Related concepts (27)

Bluetooth

Bluetooth is a short-range wireless technology standard that is used for exchanging data between fixed and mobile devices over short distances and building personal area networks (PANs). In the most widely used mode, transmission power is limited to 2.5 milliwatts, giving it a very short range of up to . It employs UHF radio waves in the ISM bands, from 2.402 GHz to 2.48 GHz. It is mainly used as an alternative to wire connections, to exchange files between nearby portable devices and connect cell phones and music players with wireless headphones.

Bluetooth Low Energy

Bluetooth Low Energy (Bluetooth LE, colloquially BLE, formerly marketed as Bluetooth Smart) is a wireless personal area network technology designed and marketed by the Bluetooth Special Interest Group (Bluetooth SIG) aimed at novel applications in the healthcare, fitness, beacons, security, and home entertainment industries. It is independent of classic Bluetooth and has no compatibility, but Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) and LE can coexist.

Bluetooth stack

A Bluetooth stack is software that is an implementation of the Bluetooth protocol stack. Bluetooth stacks can be roughly divided into two distinct categories: General-purpose implementations that are written with emphasis on feature-richness and flexibility, usually for desktop computers. Support for additional s can typically be added through drivers. Embedded system implementations intended for use in devices where resources are limited and demands are lower, such as Bluetooth peripheral devices.

Related publications (32)

On the Theory and Practice of Modern Secure Messaging

Daniel Patrick Collins

Billions of people now have conversations daily over the Internet. A large portion of this communication takes place via secure messaging protocols that offer "end-to-end encryption'" guarantees and resilience to compromise like the widely-used Double Ratc ...

EPFL2024

Secure and Efficient Cryptographic Algorithms in a Quantum World

Loïs Evan Huguenin-Dumittan

Since the advent of internet and mass communication, two public-key cryptographic algorithms have shared the monopoly of data encryption and authentication: Diffie-Hellman and RSA. However, in the last few years, progress made in quantum physics -- and mo ...

EPFL2024

Anonymous Tokens with Stronger Metadata Bit Hiding from Algebraic MACs

Serge Vaudenay, Fatma Betül Durak

On the one hand, the web needs to be secured from malicious activities such as bots or DoS attacks; on the other hand, such needs ideally should not justify services tracking people's activities on the web. Anonymous tokens provide a nice tradeoff between ...

2023