30-09-2020 | By Robin Mitchell
Bluetooth is an important wireless protocol that allows for short-range wireless communication. What is Bluetooth, what applications is it most commonly found in, and what is the new vulnerability discovered?
Bluetooth is a wireless communication protocol that allows two devices to connect and transmit information between them. Operating on the 2.4GHz spectrum, Bluetooth is designed to be low powered and low range, and as a result, has low data transfer speeds. By comparison, Wi-Fi offers greater download speeds, lower latency, and greater range, but at the cost of higher power consumption and increased complexity. Unlike Wi-Fi, Bluetooth devices do not connect to a common network, but instead form specific links between devices, and data packets are sent across in a similar way to serial comms down a physical line.
Bluetooth is ideal for applications that do not require multi-device network access such as speakers, microphones, smart buttons, and wireless configuration. Bluetooth is also suitable for low power applications which utilise batteries (such as remote IoT sensors), as the low energy requirements of Bluetooth allow for long term operation. The lower reconnection time of Bluetooth also helps to minimise energy consumption when Bluetooth devices power up for routine data transmission.
Because Bluetooth is a widely used wireless protocol, security is a critical factor, which is why it is essential that developers of products using Bluetooth ensure that all software and associated protocols are up-to-date. Bluetooth devices that are not updated frequently can be exposed to security flaws that may allow cybercriminals to gain unauthorised access to devices, deny services, and even steal personal information.
Recently, a team of researchers from École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University have uncovered a new vulnerability that affects authentication in Bluetooth devices. When two Bluetooth devices wish to communicate, they first need to pair with each other, which establishes that they are allowed to communicate. During this phase, each device lets the other one know what security levels it works with and what they are capable of doing. Once established, the two devices perform a series of key exchanges and cryptographic methods to establish a secure connection so that data transmitted between the two is secure from external attacks.
However, the researchers discovered a vulnerability that allows an attacker to replace Bluetooth keys with non-authenticated keys or with keys that are easier to hack. The attack can be performed wirelessly on devices that the attacker has not even paired with, and requires no user authentication. It has also been determined that the attack can allow for device spoofing, whereby the attacking device pretends to be a device that is known to the device under attack.
The vulnerability, which is called BLURtooth, affects devices that support dual-mode using Bluetooth 4 and 5 and involves the cross-transport key derivation standard (i.e. the method by which the keys are generated and exchanged between devices). According to the researchers, once a successful attack is completed, the attacker can use the connection to transfer files which can contain malware, and also retrieve information from the target device. Fortunately, the current COVID pandemic has put in place large-scale lockdowns and social distancing, which makes it harder for attackers to exploit the vulnerability.
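One way a host stack could guard against the key replacement described above, shown as an added example (not code from the researchers or from any Bluetooth stack): a bond store that refuses a key derived through cross-transport key derivation when it is unauthenticated or shorter than the key already held. The struct, function and result names are hypothetical, and the sample keys are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical bond record; names are illustrative, not from a real stack. */
struct bond_key {
    bool present;        /* a key is already stored for this peer and transport */
    bool authenticated;  /* the pairing that produced it was authenticated */
    uint8_t key_size;    /* effective key size in bytes */
};

enum ctkd_result { CTKD_STORED, CTKD_REJECT_UNAUTH, CTKD_REJECT_WEAKER };

/* Build a constructed sample key for the demo. */
struct bond_key sample_key(bool authenticated, uint8_t key_size)
{
    struct bond_key k = { true, authenticated, key_size };
    return k;
}

/* Store a key derived through CTKD only if it does not downgrade the slot. */
enum ctkd_result ctkd_store(struct bond_key *slot, const struct bond_key *derived)
{
    if (slot->present) {
        if (slot->authenticated && !derived->authenticated)
            return CTKD_REJECT_UNAUTH;   /* would drop authentication */
        if (derived->key_size < slot->key_size)
            return CTKD_REJECT_WEAKER;   /* would shorten the key */
    }
    *slot = *derived;
    slot->present = true;
    return CTKD_STORED;
}

int main(void)
{
    static const char *names[] = { "stored", "rejected: unauthenticated",
                                   "rejected: weaker key" };
    struct bond_key slot = { false, false, 0 };       /* no bond yet */
    struct bond_key first = sample_key(true, 16);     /* legitimate pairing */
    struct bond_key unauth = sample_key(false, 16);   /* unauthenticated derived key */
    struct bond_key shorter = sample_key(true, 7);    /* authenticated but shorter */

    printf("first bond: %s\n", names[ctkd_store(&slot, &first)]);
    printf("unauthenticated overwrite: %s\n", names[ctkd_store(&slot, &unauth)]);
    printf("shorter overwrite: %s\n", names[ctkd_store(&slot, &shorter)]);
    printf("slot: authenticated=%d size=%u\n", slot.authenticated, slot.key_size);
    return 0;
}
```

Each rejection is also worth logging with the peer address, since an unexpected downgrade attempt against an existing bond is a useful detection signal.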
Bluetooth is a widely used low-energy radio communication system that uses the commonly available 2.4GHz spectrum for low-speed, low-range data transmission. Ensuring that Bluetooth devices are always up-to-date is critical for device security, especially in a world where security is becoming an increasing concern. This Bluetooth vulnerability, BLURtooth, is a good demonstration of how so-called secure systems can easily contain bugs and flaws. Thus designers should always take caution when implementing security systems.