A critical Bluetooth security flaw has left millions of devices potentially at risk of data eavesdropping, forcing companies like Apple and Microsoft to patch their products in order to protect users. The Key Negotiation of Bluetooth Attack, or KNOB Attack, relies on poorly designed or implemented wireless security during the Bluetooth communications process, which a hacker could exploit if presented with the right conditions.
By design, Bluetooth connections between devices are encrypted. That way, the theory goes, whatever passes between, say, your phone and your laptop will be protected. However the resilience of that encryption depends on the strength of the encryption key used.
That strength has been subject to negotiation between the devices. When a Bluetooth link is initiated, one device suggests the length of the key they will both use; the other device can agree to that, or propose a smaller version. Assuming the two devices eventually agree, the encrypted link is established.
The problem, the researchers responsible for figuring out the KNOB Attack discovered, is inherent to the limits set on that key process. Were an attacker to intercept the initial linking communications between the two devices, and spoof them both into thinking that a single byte should be used for the encryption key, each device could unwittingly agree to that. The attacker could then readily brute-force its way through the encryption and, undetected, monitor everything that passes between those devices.
What makes this particularly egregious is the flexibility built into the Bluetooth Basic Rate / Enhanced Data Rate Core Configurations (Bluetooth BR/EDR). They’re designed to accept between 1 and 16 bytes, and leave the key negotiation protocol unsecured. Because of that, even if the two devices would typically each be pushing – and agreeing on – tougher encryption, a 1 byte proposal would be accepted because it’s Bluetooth standards-compliant.
The nature of Bluetooth and Bluetooth connections does mean that the scope of the exploit is a little limited. For a start, the hacker would need to be within wireless range of two targeted devices which were in the midst of establishing a Bluetooth BR/EDR connection. Even if that were the case, it would also need to block legitimate key negotiation messages so that its own could be transmitted and accepted by the target devices, then crack the encryption key in a timely manner.
Since encryption key size negotiation happens every time the encryption is turned on, a hacker would also need to be in place to repeat that process. Other types of Bluetooth connection – including Bluetooth LE – are unaffected.
As a result, the Bluetooth SIG – the standards body for Bluetooth – says it has no evidence of an attack actually taking place in the wild. Indeed, in a statement it pointed out that it “is not aware of any devices implementing the attack having been developed, including by the researchers who identified the vulnerability. ”
Still, the possibility is enough to prompt some changes in how Bluetooth security works. The Bluetooth SIG has updated the Bluetooth Core Specification to a minimum encryption key length of 7 for BR/EDR, for example, and newly-certified devices will have to satisfy that requirement in order to be eligible for qualification.
Existing devices, meanwhile, should be getting patches if they haven’t already – the researchers notified the Bluetooth SIG back in November 2018 of its findings. That’s a long list, it turns out.
“We conducted KNOB attacks on more than 17 unique Bluetooth chips (by attacking 24 different devices),” the researchers say. “At the time of writing, we were able to test chips from Broadcom, Qualcomm, Apple, Intel, and Chicony manufacturers. All devices that we tested were vulnerable to the KNOB attack.”
Microsoft and Apple are among the companies who have already pushed out patches, though obviously how protected you are depends on how timely you’ve been with your updating.