Devices supporting Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD) for pairing are vulnerable to man-in-the-middle (MITM) attacks, according to the École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University researchers.
The vulnerability, dubbed “BLURtooth,” could let attackers overwrite or reduce the encryption key strength for pairing Bluetooth devices securely, allowing additional access to profiles or services that are not otherwise restricted.
The vulnerability stems from implementation flaws supporting pairing and encryption with both Bluetooth BR/EDR and LE in Bluetooth Specifications 4.2 through 5.0, the researchers noted. According to a statement released by the organization overseeing the development of Bluetooth standards (Bluetooth SIG), the attacking device needs to be within wireless range of a vulnerable Bluetooth device for an attack to succeed.
“If a device spoofing another device’s identity becomes paired or bonded on a transport and CTKD is used to derive a key which then overwrites a pre-existing key of greater strength or that was created using authentication, then access to authenticated services may occur,” Bluetooth SIG added. “This may permit a Man In The Middle (MITM) attack between devices previously bonded using authenticated pairing when those peer devices are both vulnerable.”
The Bluetooth SIG suggested mitigation steps for potentially vulnerable devices, including:
- Additional conformance tests to ensure the overwrite of an authenticated key with an unauthenticated key is not permitted in devices supporting Bluetooth Core Specification version 5.1 or greater
- Adding restrictions on Cross-Transport Key Derivation mandated in Bluetooth Core Specification versions 5.1 and greater
- Making sure that devices restrict the pairing mode duration and overwrite an existing bonding only when devices are explicitly in pairing mode