The Cross-Transport Key Derivation (CTKD) component in Bluetooth is responsible for the authentication when pairing two devices together; now a group of academic researchers have disclosed a flaw in the CTKD supporting both Bluetooth BR/EDR and LE in Bluetooth Specifications 4.2 to 5.0.
While Bluetooth SIG, the organization that is saddled with the development of the Bluetooth standards have issued a statement confirming the flaw, which potentially is affecting hundreds of millions of devices worldwide.
The flaw is dubbed 'BLURtooth' and tracked as CVE-2020-15802, as it exposes devices powered with Bluetooth 4.0 or 5.0 technology, allowing hackers to gain unauthorized access to a targeted nearby device by overwriting the authenticated key, and thus reducing the encryption key strength.
The researchers from École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University also identified that the CTKD may permit a remote access to some LE services when BR/EDR access is achieved and BR/EDR profiles when LE access is achieved. Albeit, given that this is the intended function of CTKD, these processes are not considered as vulnerabilities by the SIG.
How the BLURtooth Flaw affects Dual-mode devices using CTKD
Dual-mode devices that use CTKD to generate Long Term Keys (LTK) or Link Key (LK) are normally capable of overwriting the original LTK or LK in such cases where the transport was enforcing a higher level of security, and vulnerable devices must permit a pairing to proceed transparently without authentication, for any of the BR/EDR or LE transports to be susceptible to the attack.
The flaw leverages on the ability under specific implementations of the pairing process which could allow devices to overwrite authorization keys if the transport enforces a higher level of security.
And if a device becomes paired or bonded on a transport which is spoofing another device's identity and CTKD is used to derive a key which overwrites a pre-existing key of greater strength or that uses authentication, then access can be gained to the authenticated services.
How to Mitigate against the BLURtooth Attack
Bluetooth SIG has warned that the flaw may permit a Man In The Middle (MITM) attack between devices previously paired using authenticated pairing if those devices are both vulnerable. And they recommend the introduction of restrictions on CTKD mandated in Bluetooth Core Specification versions 5.1 and later as primary mitigation.
The company has also started to coordinate with affected vendors to help in releasing necessary patches, and they further recommends that devices should restrict when pairable on either transport to when a user interaction places the device into a pairable mode or when the device has no existing connections to a paired device.