Bluetooth risk assessment underway after discovery of a ten-year-old defect




The vulnerability allows an attack by hackers in a wireless range of

Fixes continue to roll out following the discovery last week of a Bluetooth vulnerability that allows an attacker to intercept communications.

The flaw was discovered by researchers at the Israel Institute of Technology. The identifier CVE-2018-5383 has been assigned to the vulnerability in the Bluetooth protocol.

It affects almost all devices with a Bluetooth chipset and makes connections between devices vulnerable to a man-in-the-middle attack that would allow surveillance or manipulation of the traffic, provided the attacker was within radio range and transmitting while the targeted Bluetooth devices were initially pairing.

The problem stems from Bluetooth's use of a pairing mechanism based on elliptic-curve Diffie-Hellman (ECDH) key exchange.

When two devices wish to pair, they exchange their public keys and a private key is constructed using these keys and an elliptic curve parameter.

Essentially, two Bluetooth devices create a shared secret, built from parts of their public and private cryptographic keys. This is used to encrypt all communications between the devices.

However, the researchers found that not all parameters of the curve were checked and validated by the cryptographic algorithm.

Researchers Eli Biham and Lior Neumann at the Israel Institute of Technology commented in their disclosure of the flaw: "As far as we know every Bluetooth chip manufactured by Intel, Broadcom or Qualcomm is affected. Therefore, almost every device, including smartphones and headsets of all types, are affected."

"In addition, the Android Bluetooth stack (Bluedroid) is affected when using Bluetooth Smart. Apple has provided fixes for MacOS and iOS. The Windows Bluetooth Smart stack did not implement the latest Bluetooth Smart protocol and therefore remains vulnerable to older, simpler attacks."

"This process provides the terrain for all the security and privacy features provided by Bluetooth. Failing to secure this process compromises the entire Bluetooth session," they add.

This means that any attacker within wireless range can insert an invalid public key into the exchange, which allows them to determine the actual key with a high success rate. Once in, the attacker is undetected on the Bluetooth connection and can intercept and decrypt the communications of the paired devices, as well as insert or forge whatever malicious messages they want.

From the user's point of view, the only warning they will receive that they are being targeted is if the attack fails to introduce a public key into the mix, as this would prevent the connection and the user would get an authentication error.

The Bluetooth Special Interest Group (SIG), an agency responsible for overseeing the standards and licensing of Bluetooth technology, has issued a statement in which it comments: "To address the vulnerability, Bluetooth SIG has now set out This means that the products must validate any public key received as part of security procedures based on public keys."
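The validation the SIG statement calls for, as an added example that is not from the article or from any vendor's Bluetooth stack: a received ECDH public key is rejected unless both coordinates satisfy the curve equation. It assumes the NIST P-256 curve and a raw 64-byte big-endian X||Y encoding; the function names and sample keys are constructed for illustration.

```python
# Added example: reject a peer's ECDH public key unless it is a valid curve point.
# Assumption: NIST P-256, y^2 = x^3 + A*x + B over GF(P).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
# Base point G, used here only as a known-valid sample public key.
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5


class InvalidPublicKey(ValueError):
    """Raised when a received public key must not be used for ECDH."""


def parse_and_validate(raw):
    """Decode X||Y (32 bytes each, big-endian: assumed encoding) and validate."""
    if len(raw) != 64:
        raise InvalidPublicKey("expected 32-byte X followed by 32-byte Y")
    x = int.from_bytes(raw[:32], "big")
    y = int.from_bytes(raw[32:], "big")
    if x >= P or y >= P:
        raise InvalidPublicKey("coordinate is not a canonical field element")
    # Both coordinates together must satisfy the curve equation.
    if (y * y - (x * x * x + A * x + B)) % P != 0:
        raise InvalidPublicKey("point is not on the curve")
    return x, y


def naive_accepts(raw):
    """Hypothetical weak check: well-formed length only, no curve validation."""
    return len(raw) == 64


def strict_accepts(raw):
    """True only if the key passes full validation."""
    try:
        parse_and_validate(raw)
        return True
    except InvalidPublicKey:
        return False


def encode(x, y):
    return x.to_bytes(32, "big") + y.to_bytes(32, "big")


# Constructed sample keys.
VALID_KEY = encode(GX, GY)
TAMPERED_KEY = encode(GX, (GY + 1) % P)  # Y altered in transit: off the curve
```

The length-only check accepts both sample keys, while the full check accepts only the valid one; a pairing implementation should abort on `InvalidPublicKey` before computing any shared secret.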

  • The Google fix has been included in their June 2018 update (their bulletin of June 2018).
  • Intel's publication is here.
  • Apple's publication for MacOS is here and here.
  • Apple's publication for iOS is here.
  • Lenovo's information is here.
  • LG's reference is here.
  • Huawei's reference is here.
  • Dell's patch is here.
