BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy
arXiv - CS - Cryptography and Security. Pub Date: 2020-09-24, DOI: arxiv-2009.11776
Daniele Antonioli, Nils Ole Tippenhauer, Kasper Rasmussen, Mathias Payer

The Bluetooth standard specifies two incompatible wireless transports: Bluetooth Classic (BT) for high-throughput services and Bluetooth Low Energy (BLE) for very low-power services. BT and BLE have different security architectures and threat models, but they use similar security mechanisms. In particular, pairing enables two devices to establish a long term key to secure the communication. Two devices have to pair over BT and BLE to use both transports securely. Since pairing the same devices two times is considered user-unfriendly, Bluetooth v4.2 introduced Cross-Transport Key Derivation (CTKD). CTKD allows two devices to pair once, either over BT or BLE, and generate both BT and BLE long term keys. Despite CTKD allowing traversal of the security boundary between BT and BLE, the security implications of CTKD have not yet been investigated. We present the first security analysis of CTKD and identify five cross-transport issues for BT and BLE. These issues enable, for the first time, exploitation of both BT and BLE by attacking either transport. Based on the identified issues, we demonstrate four novel cross-transport attacks resulting in device impersonation, traffic manipulation, and malicious session establishment. We refer to them as BLUR attacks, as they blur the security boundary between BT and BLE. The BLUR attacks are standard-compliant and therefore apply to all devices supporting CTKD, regardless of implementation details. We successfully demonstrate the BLUR attacks on 13 devices with 10 unique Bluetooth chips, and discuss effective countermeasures. We disclosed our findings and countermeasures to the Bluetooth SIG in May 2020.
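The abstract describes CTKD only at the level of "pair once, get both keys". The derivation itself is fixed by the Core Specification (Vol 3 Part H): the key from one transport is run through h6/h7 (both built on AES-CMAC) with the tags "tmp1"/"lebr" or "tmp2"/"brle" to produce the other transport's key, and because the procedure is standard-defined the same bytes come out of every implementation. The following is an added example, not code from the paper or from any Bluetooth stack: a pure-Python AES-128/AES-CMAC so it runs offline, the h6/h7 and CTKD conversions as specified, and a small key store that shows the cross-transport problem the paper is about. The "unauthenticated < authenticated" strength ordering, the store layout, and the `install_derived_key` guard are my illustration (the guard reflects my reading of the overwrite restriction later Core Spec versions added, not the paper's countermeasure text); both key values are constructed for the demo.

```python
# AES-128 (FIPS 197), encrypt direction only, which is all AES-CMAC needs.
def _make_sbox():
    sbox, p, q = [0] * 256, 1, 1
    for _ in range(255):                # walk GF(2^8) keeping p * q == 1
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF   # p *= 3
        for s in (1, 2, 4):                                     # q /= 3
            q = (q ^ (q << s)) & 0xFF
        q ^= 0x09 if q & 0x80 else 0
        x = q ^ (q << 1) ^ (q << 2) ^ (q << 3) ^ (q << 4)       # affine map
        sbox[p] = (x & 0xFF) ^ (x >> 8) ^ 0x63
    sbox[0] = 0x63
    return sbox

SBOX = _make_sbox()

def _xtime(a):                          # multiply by x in GF(2^8)
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a

def _expand_key(key):
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:                  # RotWord, SubWord, Rcon
            t = [SBOX[t[1]] ^ rcon, SBOX[t[2]], SBOX[t[3]], SBOX[t[0]]]
            rcon = _xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def aes_encrypt_block(key, block):
    rk = _expand_key(key)
    s = [b ^ k for b, k in zip(block, rk[0])]
    for r in range(1, 11):
        s = [SBOX[b] for b in s]                                  # SubBytes
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]        # ShiftRows
        if r < 10:                                                # MixColumns
            s = [_xtime(s[c + i]) ^ _xtime(s[c + (i + 1) % 4]) ^ s[c + (i + 1) % 4]
                 ^ s[c + (i + 2) % 4] ^ s[c + (i + 3) % 4]
                 for c in range(0, 16, 4) for i in range(4)]
        s = [b ^ k for b, k in zip(s, rk[r])]
    return bytes(s)

def aes_cmac(key, msg):
    """AES-CMAC (RFC 4493): CBC-MAC with the last block tweaked by K1 or K2."""
    xor = lambda a, b: bytes(x ^ y for x, y in zip(a, b))
    def dbl(b):
        v = int.from_bytes(b, "big") << 1
        if v >> 128:
            v ^= 0x87
        return (v & ((1 << 128) - 1)).to_bytes(16, "big")
    k1 = dbl(aes_encrypt_block(key, bytes(16)))
    n = max(1, (len(msg) + 15) // 16)
    head, tail = msg[:16 * (n - 1)], msg[16 * (n - 1):]
    if len(tail) == 16:
        last = xor(tail, k1)
    else:                               # incomplete final block: pad 10..0, use K2
        last = xor(tail + b"\x80" + bytes(15 - len(tail)), dbl(k1))
    x = bytes(16)
    for i in range(0, len(head), 16):
        x = aes_encrypt_block(key, xor(x, head[i:i + 16]))
    return aes_encrypt_block(key, xor(x, last))

def h6(w, key_id):
    """Core Spec h6(W, keyID) = AES-CMAC_W(keyID); keyID is a 4-char ASCII tag."""
    return aes_cmac(w, key_id.encode("ascii"))

def h7(salt_tag, w):
    """Core Spec h7(SALT, W) = AES-CMAC_SALT(W); SALT = tag right-aligned in 16 bytes."""
    return aes_cmac(bytes(12) + salt_tag.encode("ascii"), w)

def ctkd_ltk_to_link_key(ltk, ct2=True):
    """BLE LTK -> BR/EDR link key: ILK via "tmp1" (h7 if both set CT2, else h6), then "lebr"."""
    ilk = h7("tmp1", ltk) if ct2 else h6(ltk, "tmp1")
    return h6(ilk, "lebr")

def ctkd_link_key_to_ltk(link_key, ct2=True):
    """BR/EDR link key -> BLE LTK: ILK via "tmp2", then h6(ILK, "brle")."""
    ilk = h7("tmp2", link_key) if ct2 else h6(link_key, "tmp2")
    return h6(ilk, "brle")

UNAUTHENTICATED, AUTHENTICATED = 1, 2   # assumed strength ordering, not spec notation

def install_derived_key(store, transport, key, strength, guarded):
    """Unguarded: a CTKD-derived key silently replaces the other transport's key.
    Guarded: an existing key of higher strength is kept (my reading of the
    overwrite restriction in later Core Spec versions). Returns True if changed."""
    old = store.get(transport)
    if guarded and old is not None and old[1] > strength:
        return False
    store[transport] = (key, strength)
    return True

def demo_overwrite(guarded):
    """Victim holds an authenticated BT link key for a peer; an attacker then runs an
    unauthenticated BLE pairing posing as that peer, so CTKD yields a BT link key.
    Returns (store_changed, BT key now held). Both keys are constructed values."""
    store = {"BT": (bytes.fromhex("00112233445566778899aabbccddeeff"), AUTHENTICATED)}
    attacker_ltk = bytes.fromhex("ec0234a357c8ad05341010a60a397d9b")
    derived = ctkd_ltk_to_link_key(attacker_ltk)
    changed = install_derived_key(store, "BT", derived, UNAUTHENTICATED, guarded)
    return changed, store["BT"][0]
```

Calling `demo_overwrite(False)` returns `True` and the attacker-derived link key, which is the cross-transport overwrite: a pairing the victim accepted over BLE with no MITM protection has replaced a BT key that was established with it. `demo_overwrite(True)` returns `False` and the original key. Note that `ct2` must match what both sides negotiated; using h6 where the peer used h7 (or vice versa) produces a different key and the transports simply fail to agree.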

Updated: 2020-09-25