November 28, 2023 at 04:59PM
Researchers at Eurecom have discovered six new Bluetooth attacks called ‘BLUFFS’ that can compromise the secrecy of Bluetooth sessions, leading to device impersonation and man-in-the-middle attacks. These attacks exploit flaws in the Bluetooth standard and can impact billions of devices. The researchers have provided a toolkit on GitHub to demonstrate the effectiveness of BLUFFS. Bluetooth SIG recommends implementing certain modifications to enhance session key derivation and mitigate these attacks.
Meeting notes summary:
– Researchers at Eurecom have discovered six new attacks on Bluetooth sessions called ‘BLUFFS’.
– BLUFFS exploits two flaws in the Bluetooth standard related to session key derivation.
– The flaws are architectural and affect Bluetooth at a fundamental level, impacting versions 4.2 to 5.4.
– BLUFFS can break Bluetooth session secrecy, allowing for device impersonation and man-in-the-middle attacks.
– The attack involves exploiting vulnerabilities in the session key derivation process to derive a weak and predictable session key.
– Attacker is required to be within Bluetooth range of the targets and impersonates one to negotiate for a weak session key.
– BLUFFS works regardless of Secure Connections (SC) or Legacy Secure Connections (LSC) support.
– Eurecom researchers have shared a toolkit on GitHub to demonstrate the effectiveness of BLUFFS.
– BLUFFS affects Bluetooth versions 4.2 to 5.4 and has been tested against various devices.
– The paper proposes modifications to enhance session key derivation and mitigate BLUFFS and similar threats.
– Bluetooth SIG has received the report and suggests implementing measures to reject low key strengths, use higher encryption strength, and operate in ‘Secure Connections Only’ mode.
Let me know if you need any further information or clarification.