vendredi 13 décembre 2019    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mercredi 14 août 2019

VU#918987: Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks

Bluetooth is a short-range wireless technology based off of a core specification that defines six different core configurations,including the Bluetooth Basic Rate/Enhanced Data Rate Core Configurations. Bluetooth BR/EDR is used for low-power short-range communications. To establish an encrypted connection,two Bluetooth devices must pair with each other and establish a link key that is used to generate the encryption key. For example,assume that there are two controllers attempting to establish a connection:Alice and Bob. After authenticating the link key,Alice proposes that she and Bob use 16 bytes of entropy. This number,N,could be between 1 and 16 bytes. Bob can either accept this,reject this and abort the negotiation,or propose a smaller value. Bob may wish to propose a smaller N value because he(the controller)does not support the larger amount of bytes proposed by Alice. After proposing a smaller amount,Alice can accept it and request to activate link-layer encryption with Bob,which Bob can accept. An attacker,Charlie,could force Alice and Bob to use a smaller N by intercepting Alice's proposal request to Bob and changing N. Charlie could lower N to as low as 1 byte,which Bob would subsequently accept since Bob supports 1 byte of entropy and it is within the range of the compliant values. Charlie could then intercept Bob's acceptance message to Alice and change the entropy proposal to 1 byte,which Alice would likely accept,because she may believe that Bob cannot support a larger N. Thus,both Alice and Bob would accept N and inform the Bluetooth hosts that encryption is active,without acknowledging or realizing that N is lower than either of them initially intended it to be.

Lien vers l'article source

Auteur: US Cert

Catégories: CertUSNombre de vues: 106

x

Événements SSI

FIC

Ayant pour thème cette année "Replacer l'humain au coeur de la cybersécurité", le Forum International de la Cybersécurité occupe les 28, 29 et 30 janvier 2020 le Grand Palais de Lille. Organisé par la Région Hauts-de-France et Euratechnologies, la Gendarmerie Nationale et CEIS.

RSS