a review of the bias and knob attacks on bluetooth
play

A review of the BIAS and KNOB attacks on Bluetooth Classic and - PowerPoint PPT Presentation

Sep 22, 2023 •253 likes •949 views

WAC workshop 2020 A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Daniele Antonioli Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy 1

  1. WAC workshop 2020 A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Daniele Antonioli Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy 1

  2. Who Am I • Daniele Antonioli ◮ Postdoc at EPFL ◮ I like cyber-physical and wireless systems, protocol analysis, applied crypto, ... ◮ Twitter: @francozappa ◮ Website: https://francozappa.github.io • I work in the HexHive group led by Mathias Payer ◮ System security e.g., Bluetooth security and DP3T ◮ More: https://hexhive.epfl.ch/ Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Bio 2

  3. BIAS and KNOB attacks on Bluetooth • Key Negotiation Of Bluetooth (KNOB) Attack ◮ Exploits Bluetooth’s key negotiation ◮ CVE-2019-9506: https://www.kb.cert.org/vuls/id/918987/ • Bluetooth Impersonation AttackS (BIAS) ◮ Exploits Bluetooth’s key authentication ◮ CVE-2020-10135: https://kb.cert.org/vuls/id/647177/ • KNOB and BIAS attacks are standard-compliant ◮ Billions of vulnerable devices ◮ E.g. smartphones, laptops, tablets, headsets, cars, . . . Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Outline 3

  4. Talk Outline • Talks has three parts ◮ Part 1: Introduction about Bluetooth and its security mechanisms ◮ Part 2: High level description of the BIAS and KNOB attacks ◮ Part 3: Attacks’ implementation, evaluation and countermeasures • Related work by Nils Tippenhauer, Kasper Rasmussen, and myself ◮ “The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR” [SEC19] ◮ “Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy” [TOPS20] ◮ “BIAS: Bluetooth Impersonation AttackS” [S&P20] Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy Outline 4

  5. Part 1: Introduction about Bluetooth Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 5

  6. Bluetooth Classic and Bluetooth Low Energy • Bluetooth ◮ Pervasive wireless communication technology • Bluetooth Classic (BT) ◮ High-throughput services ◮ E.g., audio, voice • Bluetooth Low Energy (BLE) ◮ Very low-power services ◮ E.g., wearables, contact tracing Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 6

  7. Bluetooth Standard • Bluetooth Standard ◮ Complex documents (Bluetooth Core v5.2, 3.256 pages) ◮ Custom security mechanisms (pairing, secure sessions) ◮ No public reference implementation https://www.bluetooth.com/specifications/bluetooth-core-specification/ Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 7

  8. Bluetooth Security: Pairing and Secure Sessions Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 8

  9. Bluetooth Security: Pairing and Secure Sessions Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 8

  10. Bluetooth Security: Pairing and Secure Sessions Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 8

  11. Bluetooth Security: Pairing and Secure Sessions Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 8

  12. Bluetooth Security: Pairing and Secure Sessions Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 8

  13. Bluetooth Security: Pairing and Secure Sessions Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 8

  14. Bluetooth Security: Impersonation and MitM Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 9

  15. Bluetooth Security: Impersonation and MitM Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 9

  16. Bluetooth Security: Impersonation and MitM Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P1: Introduction 9

  17. Part 2: KNOB Attack on BLE Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: KNOB on BLE 10

  18. BLE Pairing Alice (master) Bob (slave) A B Phase 1: Feature exchange (including key negotation) Phase 2: Key establishment and optional authentication Phase 3: Key distribution (over encrypted link) Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: KNOB on BLE 11

  19. Issues with BLE Pairing (Key Negotiation) Alice (master) Bob (slave) A B Phase 1: Feature exchange (including key negotation) Pairing Request: IO, AuthReq, KeySize, InitKey, RespKey Pairing Response: IO, AuthReq, KeySize, InitKey, RespKey • Issues ◮ KeySize negotiation is not protected , i.e. no integrity, no encryption ◮ KeySize values (pairing key strenght) between 7 bytes and 16 bytes Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: KNOB on BLE 12

  20. KNOB Attack on BLE Alice (master) Charlie (attacker) Bob (slave) A C B Phase 1: Feature exchange (including key negotiation) IO, AuthReq, KeySize: 16, InitKeys, RespKeys IO, AuthReq, KeySize: 7 , InitKeys, RespKeys IO, AuthReq, KeySize: 7 , InitKeys, RespKeys IO, AuthReq, KeySize: 16, InitKeys, RespKeys Phase 2: Key establishment and optional authentication Phase 3: Key distribution over encrypted link • KNOB attack on BLE ◮ Downgrade BLE pairing key to 7 bytes of entropy ◮ Session keys will inherit 7 bytes of entropy ◮ Brute-force the session key and break BLE security Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: KNOB on BLE 13

  21. Part 2: BIAS Attack on BT Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on BT 14

  22. BIAS Attacks Introduction • BIAS attacks target BT secure session establishment ◮ Not pairing • Assumptions for Alice and Bob ◮ Securely paired in absence of Charlie ◮ Share a strong pairing key (e.g. 16 bytes of entropy) Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on BT 15

  23. Bluetooth Authentication Mechanisms • Legacy Secure Connection (LSC) authentication ◮ Unilateral, challenge-response • Secure Connection (SC) authentication ◮ Mutual, challenge-response • LSC or SC negotiated during secure session establishment Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on BT 16

  24. BIAS Attacks on Bluetooth Session Establishment Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on BT 17

  25. BIAS Attacks on Bluetooth Session Establishment Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on BT 17

  26. BIAS Attacks on Bluetooth Session Establishment Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on BT 17

  27. Legacy Secure Connection (LSC) Authentication Alice (slave) Bob (master) A B B, LSC A, LSC C B R A = H(C B , A, K L ) R A check Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on LSC 18

  28. Issues with LSC Authentication • LSC authentication is not used mutually for session establishment • A device can switch authentication role Alice (slave) Bob (master) A B B, LSC A, LSC C B R A = H(C B , A, K L ) R A check Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on LSC 19

  29. BIAS Attack on LSC: Master Impersonation Alice (slave) Charlie as Bob (master) A C B, LSC A, LSC C C R A = H(C C , A, K L ) Skip R A check Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on LSC 20

  30. BIAS Attack on LSC: Slave Impersonation Charlie as Alice (slave) Bob (master) C B B, LSC A, Role Switch, LSC Accept Role Switch Charlie is the master (verifier) C C R B = H(C C , B, K L ) Skip R B check Daniele Antonioli ( @francozappa ) A review of the BIAS and KNOB attacks on Bluetooth Classic and Bluetooth Low Energy P2: BIAS on LSC 21

Recommend

BIAS: Bluetooth Impersonation AttackS Daniele Antonioli (EPFL), Nils Tippenhauer (CISPA), Kasper

BIAS: Bluetooth Impersonation AttackS Daniele Antonioli (EPFL), Nils Tippenhauer (CISPA), Kasper

IEEE S&P 2020 BIAS: Bluetooth Impersonation AttackS Daniele Antonioli (EPFL), Nils Tippenhauer (CISPA), Kasper Rasmussen (Oxford Univ.) Daniele Antonioli ( @francozappa ) BIAS: Bluetooth Impersonation AttackS 1 Bluetooth standard

923 views • 34 slides
The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR

The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR

USENIX 2019 @ Santa Clara, US The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR Daniele Antonioli 1 , Nils Ole Tippenhauer 2 , Kasper Rasmussen 3 1 Singapore University of Technology and Design (SUTD)

483 views • 24 slides
BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy Jianliang Wu 1 , Yuhong Nan

BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy Jianliang Wu 1 , Yuhong Nan

BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy Jianliang Wu 1 , Yuhong Nan 1 , Vireshwar Kumar 1 , Dave (Jing) Tian 1 , Antonio Bianchi 1 , Mathias Payer 2 , Dongyan Xu 1 1 Purdue University 2 EPFL Motivation Bluetooth

626 views • 18 slides
Knob Handler Putting a handle on any knob 2.009 Yellow A Overview Arthritis patients

Knob Handler Putting a handle on any knob 2.009 Yellow A Overview Arthritis patients

Knob Handler Putting a handle on any knob 2.009 Yellow A Overview Arthritis patients have difficulty gripping and turning knobs Knob handler Portable Battery powered Self locking How It Works Market Arthritis

453 views • 8 slides
Bluetooth Team 1 What is Bluetooth? Origins Ericsson, 1994 Harald Bluetooth

Bluetooth Team 1 What is Bluetooth? Origins Ericsson, 1994 Harald Bluetooth

Bluetooth Team 1 What is Bluetooth? Origins Ericsson, 1994 Harald Bluetooth Today Bluetooth Special Interests Group Compatible with a multitude of devices Widespread IEEE Standard Secure

230 views • 7 slides
Looking Beyond the Knob Looking Beyond the Knob Looking Beyond the Knob Looking Beyond the Knob

Looking Beyond the Knob Looking Beyond the Knob Looking Beyond the Knob Looking Beyond the Knob

Looking Beyond the Knob Looking Beyond the Knob Looking Beyond the Knob Looking Beyond the Knob Whats After Whats After What s After What s After Peculiar Knob? Peculiar Knob? Peculiar Knob? Peculiar Knob? Bob Duffin Bob Duffin

627 views • 24 slides
Review Selection bias, overfitting Bias v. variance v. residual Bias-variance tradeoff

Review Selection bias, overfitting Bias v. variance v. residual Bias-variance tradeoff

Review Selection bias, overfitting Bias v. variance v. residual Bias-variance tradeoff 1 n=1 Cramr-Rao bound n=4 0.8 n=30 0.6 CDF of max of n samples of 0.4 N( =2, 2 =1) 0.2 [representing error estimates for n

517 views • 28 slides
Using Bluetooth Low Energy for Location What is BLE? Bluetooth Low Energy Originally designed by

Using Bluetooth Low Energy for Location What is BLE? Bluetooth Low Energy Originally designed by

Using Bluetooth Low Energy for Location What is BLE? Bluetooth Low Energy Originally designed by Nokia as Wibree (2001) Bluetooth Smart Why has BLE been so Successful? Rapid adoption by vendors Apple Samsung Simple design Cheap in

422 views • 20 slides
Using Bluetooth to Determine Using Bluetooth to Determine Travel Times www.kmjinc.com 1 Agenda

Using Bluetooth to Determine Using Bluetooth to Determine Travel Times www.kmjinc.com 1 Agenda

ITE Mid-Colonial District Annual Meeting April 29, 2010 Using Bluetooth to Determine Using Bluetooth to Determine Travel Times www.kmjinc.com 1 Agenda Bluetooth and How It Works The BlueTOAD TM Device Evaluation Project

270 views • 22 slides
BIAS What Is Bias? Bias can be defined as favoring one side, position, or belief being

BIAS What Is Bias? Bias can be defined as favoring one side, position, or belief being

BIAS What Is Bias? Bias can be defined as favoring one side, position, or belief being partial or prejudiced Where have you seen bias? Bias vs. Propaganda Bias is prejudice; a preconceived judgment or an opinion formed

717 views • 29 slides
TATA HARRIER Harrier Gear Shift Knob TATA HARRIER GEAR KNOB TATA NEXON Nexon Gear Shift Knob

TATA HARRIER Harrier Gear Shift Knob TATA HARRIER GEAR KNOB TATA NEXON Nexon Gear Shift Knob

TATA HARRIER Harrier Gear Shift Knob TATA HARRIER GEAR KNOB TATA NEXON Nexon Gear Shift Knob Nexon Gear Shift Knob TATA TIAGO, TIGOR, ZEST, BOLT Zest / Bolt / Tiago / Tigor Gear Shift Knob Assembly (Without Leather Wrapping) Zest / Bolt /

330 views • 18 slides
Objectives Review the impact of bias on clinical care Caring for Patients with Diverse

Objectives Review the impact of bias on clinical care Caring for Patients with Diverse

Objectives Review the impact of bias on clinical care Caring for Patients with Diverse Backgrounds Describe the current understanding of the neuroanatomy of implicit bias Discuss strategies to combat bias in clinical care through

181 views • 7 slides
Lilydale Regional Park North Knob Stabilization Meeting February 1, 2018 Me e ting Ag e

Lilydale Regional Park North Knob Stabilization Meeting February 1, 2018 Me e ting Ag e

Lilydale Regional Park North Knob Stabilization Meeting February 1, 2018 Me e ting Ag e nda 1. Introductions & Project Background General Cherokee Heights Ravine 2. Engineering Design Items North Knob Slope

910 views • 41 slides
NFC Payments: The Art of Relay & Replay Attacks Who am I? Security Researcher

NFC Payments: The Art of Relay & Replay Attacks Who am I? Security Researcher

NFC Payments: The Art of Relay & Replay Attacks Who am I? Security Researcher Samsung Pay Exploiting Mag-stripe info with Bluetooth audio Co-founder of Women in Tech Fund @Netxing (WomenInTechFund.org) Content

1.07k views • 73 slides
Presented By: Paul Misticawi VP of Sales, TrafficCast What is Bluetooth How are

Presented By: Paul Misticawi VP of Sales, TrafficCast What is Bluetooth How are

Presented By: Paul Misticawi VP of Sales, TrafficCast What is Bluetooth How are traveltimes derived from Bluetooth devices Turning Raw Data into Information Applications Using Bluetooth TravelTimes Using

198 views • 16 slides
Equity & Excellence: Hidden Bias Implicit Bias Inherent Bias

Equity & Excellence: Hidden Bias Implicit Bias Inherent Bias

Equity & Excellence: Hidden Bias Implicit Bias Inherent Bias ____________________________________________ Vincent R. De Lucia Educator-in-Residence Director of Mandatory Training & PD New Jersey School Boards Association Anderson

426 views • 41 slides
IoTSSC Bluetooth Bluetooth Classic (Basic Rate BR/Enhanced Data Rate EDR) In 1990s

IoTSSC Bluetooth Bluetooth Classic (Basic Rate BR/Enhanced Data Rate EDR) In 1990s

IoTSSC Bluetooth Bluetooth Classic (Basic Rate BR/Enhanced Data Rate EDR) In 1990s Ericsson wanted to connect other devices to mobile phone without cables Established a consortium which accumulated over the years 20k members (!)

933 views • 46 slides
Next Generation BlueZ & Bluetooth Smart Devices Johan Hedberg (Intel) Bluetooth Short

Next Generation BlueZ & Bluetooth Smart Devices Johan Hedberg (Intel) Bluetooth Short

Next Generation BlueZ & Bluetooth Smart Devices Johan Hedberg (Intel) Bluetooth Short Introduction Short range wireless technology operating at 2.4 GHz Originally announced in 1998 as a replacement for RS-232 but has evolved

346 views • 21 slides
bad decision bias? 2 5 6 Affinity Bias: What can we do? 2. 3. 1. Seek

bad decision bias? 2 5 6 Affinity Bias: What can we do? 2. 3. 1. Seek

bad decision bias? 2 5 6 Affinity Bias: What can we do? 2. 3. 1. Seek outputs Compare rather than Be aware performance compentenci not people es 7 9 10 11 12 Unconscious bias refers to a

292 views • 15 slides
BIAS BIAS LIGHT LIGHT & & MEDIUM MEDIUM TR TRUCK UCK TIRES TIRES Bias Bias Ligh

BIAS BIAS LIGHT LIGHT & & MEDIUM MEDIUM TR TRUCK UCK TIRES TIRES Bias Bias Ligh

BIAS BIAS LIGHT LIGHT & & MEDIUM MEDIUM TR TRUCK UCK TIRES TIRES Bias Bias Ligh ight T t Truck / / Trail iler r Ti Tire Si Size No Nome mencla latu ture 9.50-16 9.50 16.5L .5LT/D T/D ST ST 7.00 7.00-15 15 1 10

121 views • 11 slides
Bias in, Bias out: Gender Equality and the Fourth Industrial Revolution Debra Howcroft and

Bias in, Bias out: Gender Equality and the Fourth Industrial Revolution Debra Howcroft and

Bias in, Bias out: Gender Equality and the Fourth Industrial Revolution Debra Howcroft and Jill Rubery Work and Equalities Institute University of Manchester Bias in, bias out: an overview Two parts Identify the methodology

706 views • 21 slides
CS5530 Mobile/Wireless Systems Android Bluetooth Interface Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems Android Bluetooth Interface Yanyan Zhuang Department of Computer

CS5530 Mobile/Wireless Systems Android Bluetooth Interface Yanyan Zhuang Department of Computer Science http://www.cs.uccs.edu/~yzhuang UC. Colorado Springs CS5530 Ref. CN5E, NT@UW, WUSTL Bluetooth Communication Bluetooth-enabled

343 views • 18 slides
Expectancy bias and Bias and forensic evidence Bias and speech research forensic speech

Expectancy bias and Bias and forensic evidence Bias and speech research forensic speech

Overview Bias effects Expectancy bias and Bias and forensic evidence Bias and speech research forensic speech research Blind forensic speech research Maartje Schreuder TMFI / Maastricht University I AFPA 2011 Bundeskrim

180 views • 7 slides
Implicit Bias Implicit bias Implicit bias refers to attitudes or stereotypes that affect our

Implicit Bias Implicit bias Implicit bias refers to attitudes or stereotypes that affect our

Implicit Bias Implicit bias Implicit bias refers to attitudes or stereotypes that affect our understanding, actions and decisions in an unconscious manner. It's different from suppressed thoughts we might conceal to keep the peace; it's

634 views • 16 slides

More recommend