Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Way To Crack Secure Bluetooth Devices

Posted by Zonk on from the mind-what-you-say dept.

moon_monkey writes "Cryptographers have discovered a way to hack Bluetooth-enabled devices even when security features are switched on, according to a report from New Scientist.com. The discovery may make it even easier for hackers to eavesdrop on conversations and charge their own calls to someone else's cellphone. From the article: 'Our attack makes it possible to crack every communication between two Bluetooth devices, and not only if it is the first communication between those devices,'"

12 of 137 comments (clear)

  1. The Paper: Cracking the Bluetooth PIN by Anonymous Coward · · Score: 2, Informative



    Cracking the Bluetooth PIN


    This paper describes the implementation of an attack on the Bluetooth security mechanism. Specifically, we describe a passive attack, in which an attacker can find the PIN used during the pairing process. We then describe the cracking speed we can achieve through three optimizations methods. Our fastest optimization employs an algebraic representation of a central cryptographic primitive (SAFER+) used in Bluetooth. Our results show that a 4-digit PIN can be cracked in less than 0.3 sec on an old Pentium III 450MHz computer, and in 0.06 sec on a Pentium IV 3Ghz HT computer.

    --AS

  2. Re:Article is missing an important detail by wyoung76 · · Score: 3, Informative
    From TFA:

    Wool and Shaked have managed to force pairing by pretending to be one of the two devices and sending a message to the other claiming to have forgotten the link key.

    So, it's an automatic and remote attack which doesn't rely upon any cooperation from either of the two original Bluetooth devices.

  3. Re:A fix... by plover · · Score: 4, Informative
    Don't use bluetooth! To me it seems very unnessesary to have a bt enabled phone.

    Then not only didn't you RTFA, but apparently you haven't used Bluetooth, either. Bluetooth is an extremely useful mechanism for many of us. It lets my PDA get on line; and when I hop in my vehicle, my car stereo magically becomes my car phone whenever it rings.

    I just wish more devices were Bluetooth enabled (and that this security hole didn't exist.) As is, I'm not losing sleep over this as I don't have a public-transit commute (the sort of place where breaks seem most likely to happen.)

    --
    John
  4. Re:Why, oh why ? by cebailey · · Score: 2, Informative

    Maybe I'm missing a beat here, but TFA says that the communications between Bluetooth devices ARE encrypted...it's simply a Bluetooth device's "heartbeat" that's unencrypted, and it allows for hacking.

    Now, if they maybe wanted to use more encryption so the key isn't as breakable, that would be an idea...but it would probably mean more expensive hardware, and longer PINs.

    My boss always says security and ease of use are on two opposite ends of a line, and with any system you have to put the 'x' somewhere. Bluetooth chose to plant their 'x' pretty close to the Ease of Use side, which cost them security.

    But then again, if I see the little "B" icon on my v600 and my headset's not on my ear, I know SOMETHING's up...

  5. Re:Article is missing an important detail by MadRocketScientist · · Score: 5, Informative

    Digging up their paper, it seems that it is not automatic:

    If the attack is successful, the Bluetooth user will need to enter the PIN again - so a suspicious user may realize that his Bluetooth device is under attack and refuse to enter the PIN.

  6. Not such a big threat by Zarhan · · Score: 3, Informative

    Ok, before this the attacker could only attack when the target link was forming.

    With this, you can force them to re-form at will.

    Even so, you still need to bruteforce the PIN. The "PIN" is really a 16-byte field, and is not really limited to numeric (or even alphanumeric) characters.

    So what can be done:

    1) Start using long PIN codes (if your device is limited to numbers, at least use the maximum length)
    2) Software update that notifies user of the "forced re-pairing"
    3) Allow users to use PIN's beyond the numeric space or possibility to use some pre-shared secret keys.

    This affects those of you who use "1234" or similar keys for pairing process for convenience.

  7. Just take today's story... by Xaroth · · Score: 2, Informative

    ...add one of these bad boys and shake vigorously.

    Mmm... phreaky...

    --
    That green slime had it coming.
  8. Re:Article is missing an important detail by plover · · Score: 2, Informative
    The headsets I'm familiar with have a preset PIN (something like 0000 or 1111) that you have to enter into the phone. But they can't initiate the pairing process -- it has to be driven from the phone side. I suppose it's entirely possible for an attacker who sees you use a headset to set up his device to sniff your headset's ID, then pretend to be that headset with PIN 1111.

    Now a headset has only a limited set of functions it can perform -- they can't dial digits without a keypad, so they're usually restricted to voice recognition of pre-programmed names. So unless you wanted to steal a phonecall to my wife or my son, you probably won't find it very useful.

    That is, if headsets are restricted to "no dialing, no OBEX, no service discovery". If headsets are allowed to "change" their profile to suddenly support network dialing, keypads, and all that, then you're in big trouble from spoofers without even worrying about cracking the crypto.

    --
    John
  9. Re:Serious Flaw by Mike+Buddha · · Score: 2, Informative

    The device sends its key to anyone claiming to forgot theirs? That is a great design. Why wouldn't it only resend the key if it recognized the ID as something it already paired with? \

    RTFA. The hackers device tells the other device that it forgot the key. The pairing is deleted. The user has to re-pair the devices if he wants to use them again. The hacker can listen to that second pairing and use the previously discovered techniques to get the key.

    --
    by Mike Buddha -- Someday the mountain might get him, but the law never will.
  10. Re:Serious Flaw by sPaKr · · Score: 2, Informative

    It doesn't resend the key. The problem is that an unencrypted easily spoofable message can force the device to renegotiate a new key. This renegotiation is the vulnerable state. Really this just makes the orignal hack easier to preform in that it can happen when at any time instead of initial pairing of the two devices.

  11. Paper describing the attack by IcyHando'Death · · Score: 2, Informative
    The researchers who developed this new attack will be presenting their results in Seattle on Monday, June 6 at MobiSys 2005. Their paper can be viewed at http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys 05/

    Mike

  12. Re:Show me the code by moyix · · Score: 2, Informative

    Well, here might be a good place to look. The article doesn't actually tell you where to find the research, but it was posted on Schneier's blog this morning.

    Cheers,
    Brendan