Analysis of Bluetooth Technology’s Security Vulnerabilities and Attack Methods
In current network applications, the Internet of Things (IoT) has a ubiquitous demand for diverse, low-cost, low-rate, short-range connectivity. Such demands are mainly met by low-speed network protocols like Bluetooth. Bluetooth is an open standard for short-range communication, using embedded chips to establish wireless connections over a range of 10 m to 100 m. The design goal of Bluetooth is to let personal devices from different manufacturers achieve low-rate data transmission and interoperation conveniently through a unified short-range wireless connection standard. Bluetooth technology features low cost, low power consumption, small module size, and easy integration, making it well suited to new IoT mobile devices.
1. Bluetooth Technology’s Security System
1.1 Four Security Modes
(1) Security Mode 1: Security Mode 1 has no security mechanisms, does not initiate security procedures, and lacks security functions such as authentication and encryption. In this mode, devices operate faster and consume less power, but data is easily attacked during transmission. Bluetooth V2.0 and earlier versions support this mode.
(2) Security Mode 2: Security Mode 2 is a mandatory service-layer security mode, in which security procedures can only be initiated during the establishment of logical channels. The security policies for data transmission (authentication requirements, authorization requirements, and encryption requirements) determine whether commands to initiate security procedures are issued. Currently, all Bluetooth versions support this mode, mainly to ensure compatibility with versions prior to V2.0.
(3) Security Mode 3: Security Mode 3 is a link layer security mechanism. In this mode, Bluetooth devices must initiate security procedures before establishing a physical link on the channel, supporting functions such as authentication and encryption. Only versions above V2.0 support Security Mode 3, making this mechanism less compatible and flexible compared to Security Mode 2.
(4) Security Mode 4: This mode is similar to Security Mode 2 in that it is a service-level security mechanism, but it uses the ECDH algorithm during the link-key generation phase. It offers higher security than the previous three modes and simplifies the device pairing process, which prevents man-in-the-middle attacks and passive eavesdropping to some extent. When establishing a device connection, it first determines whether to initiate security procedures and, if so, checks whether a key is available. If a key is available, it pairs directly using the SSP (Secure Simple Pairing) method and connects through the authentication and encryption processes. The flowchart of the security mode mechanism for establishing connections is shown in Figure 1.
1.2 Key Management
(1) Link Key: The link key is a 128-bit random number derived from a pseudo-random number (RAND), a personal identification number (PIN), and the device address using the E21 or E22 stream cipher algorithms. The initialization key and combination key are generated during the initialization process and discarded after authentication between the devices is complete. The master key can be used to broadcast encrypted information within the piconet, temporarily replacing the original link key while broadcast information is being sent. The unit key is stored in the Bluetooth device and used continuously for link communication.
(2) Encryption Key: Bluetooth devices that have completed authentication can use the encryption key to encrypt transmitted data. This key is generated by the symmetric algorithm E3, is 128 bits long, and is derived from RAND, the ciphering offset (COF) produced during authentication, and the current link key (K). Bluetooth employs block encryption: the E0 algorithm takes the encryption key and other parameters (the master device's address, a random number, and the Bluetooth clock) and generates a binary key stream used to encrypt and decrypt the transmitted data. The generation of the key is illustrated in Figure 2.
1.3 Authentication
The purpose of authentication is to verify device identity while also giving feedback on whether the parameter exchange succeeded. It can be one-way or mutual, but it requires that the link key has already been generated. The address of the device being authenticated, the random number generated by the master device during authentication, and the link key all enter the computation, which produces a response value and an authenticated ciphering offset. The response is sent to the master device for verification; if it matches the master's own result, authentication succeeds. If authentication fails, a certain waiting time must elapse before authentication can be attempted again. The authentication process is shown in Figure 3.
2. Known Bluetooth Security Vulnerabilities
2.1 Frequency-Hopping Clock: Bluetooth transmission uses adaptive frequency hopping as its spread-spectrum method. The frequency-hopping system therefore runs a 28-bit frequency-hopping clock at 3.2 kHz, which keeps control commands strictly synchronized with the clock, times information transmission and reception, and drives frequency-hopping control to reduce transmission interference and errors. However, attackers often interfere with the frequency-hopping clock to disrupt the frequency-hopping command generator and the frequency synthesizer, preventing normal communication between Bluetooth devices, and use strong electromagnetic pulses with high penetration and propagation to eavesdrop on communication content and the related frequency-hopping parameters.
2.2 PIN Code Issues: The personal identification number (PIN) in the key generation diagram is four digits long and serves as the only trusted secret from which the encryption key and link key are generated. When connecting, both Bluetooth devices require the user to enter the same PIN code for pairing. Because the PIN is short, the key space of the encryption key and link key is limited to the order of 10, and devices become even more susceptible to attack if users choose overly simple PIN codes (such as repeated identical digits), leave the PIN unchanged for a long time, or rely on fixed built-in PIN codes. Therefore, in versions after V2.1 the PIN length was increased to 16 digits, which expands the key space and strengthens the connection authentication process without making the strings exchanged during communication inconveniently long.
2.3 Link Key Spoofing: The link key used during communication is based on the fixed unit key in the device, while the other inputs to encryption are public, which creates a significant vulnerability. For example, when device A communicates with different devices, it uses its unit key as the link key. An attacker who has previously communicated with device A (as device C) already holds this unit key and can compute the link key that another device B, which has also communicated with A, would use; the attacker can then impersonate B to pass A's authentication, and vice versa.
2.4 Repeated Encryption Key Stream: The encryption key stream is generated by the E0 algorithm from inputs that include the master device's clock and the link key. Within a given encrypted connection, only the master device clock changes. If a device is used continuously for more than 2313 hours, the clock value wraps around and starts to repeat, so the same key stream as in earlier transmissions is generated again. A repeated key stream can be exploited by an attacker to recover the original plaintext of the transmitted content.
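The following added example (not part of the original article, and not Bluetooth's real E0 cipher) shows why a repeated key stream is dangerous. A hypothetical HMAC-SHA256-based generator stands in for E0; like E0 it is a deterministic function of the link key, the device address and a clock reduced modulo 2^28 (the 28-bit clock mentioned in section 2.1), so two transmissions at clock values that differ by exactly one wrap period get the same stream. XORing the two ciphertexts cancels the stream and leaves the XOR of the plaintexts; if one plaintext is known, the other is recovered without the key. All keys, addresses and messages are constructed sample values.

```python
import hashlib
import hmac

# The article describes a 28-bit clock at 3.2 kHz; once it wraps, the same
# (link key, address, clock) inputs produce the same key stream.
CLOCK_BITS = 28
CLOCK_MOD = 1 << CLOCK_BITS


def keystream(link_key: bytes, bd_addr: bytes, clock: int, length: int) -> bytes:
    """Toy stand-in for E0 (hypothetical, NOT the real cipher): HMAC-SHA256 run in
    counter mode, keyed with the link key and seeded with the device address and
    the clock reduced modulo 2**28. It models only the property that matters here:
    the stream is a deterministic function of (key, address, wrapped clock)."""
    clk = (clock % CLOCK_MOD).to_bytes(4, "big")
    out = bytearray()
    counter = 0
    while len(out) < length:
        msg = bd_addr + clk + counter.to_bytes(4, "big")
        out += hmac.new(link_key, msg, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(link_key: bytes, bd_addr: bytes, clock: int, plaintext: bytes) -> bytes:
    """Stream encryption: ciphertext = plaintext XOR keystream. Decryption is the same call."""
    return xor_bytes(plaintext, keystream(link_key, bd_addr, clock, len(plaintext)))


def recover_with_known_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """If c1 and c2 were produced with the same key stream, c1 XOR c2 equals
    p1 XOR p2 (the stream cancels), so knowing p1 reveals p2 without the key."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)


def demonstrate_reuse() -> dict:
    # Constructed sample values; not real keys or addresses.
    link_key = bytes.fromhex("00112233445566778899aabbccddeeff")
    bd_addr = bytes.fromhex("001122334455")
    clock = 123_456
    p1 = b"meter reading: 42.7 kWh"             # constructed; assumed known to the eavesdropper
    p2 = b"open the front door".ljust(len(p1))  # constructed secret message, padded to equal length

    c1 = encrypt(link_key, bd_addr, clock, p1)              # first transmission
    c2 = encrypt(link_key, bd_addr, clock + CLOCK_MOD, p2)  # after the clock has wrapped
    c_next = encrypt(link_key, bd_addr, clock + 1, p2)      # one tick later: a fresh stream

    return {
        "same_stream_after_wrap": keystream(link_key, bd_addr, clock, 16)
        == keystream(link_key, bd_addr, clock + CLOCK_MOD, 16),
        # c_next XOR c2 = ks(clock+1) XOR ks(clock), which is non-zero for a fresh stream
        "stream_differs_next_tick": xor_bytes(c_next, c2) != bytes(len(p1)),
        "known_plaintext_recovers_other": recover_with_known_plaintext(c1, c2, p1) == p2,
    }


if __name__ == "__main__":
    print(demonstrate_reuse())
```

The defensive lesson is the one the section draws: an encryption key must be refreshed (re-keyed) well before the clock input can repeat, because the stream cipher's security rests entirely on never reusing a (key, clock) pair.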
2.5 Authentication Process / Secure Simple Pairing Password: In addition to PIN-based pairing, the Bluetooth standard introduced the Secure Simple Pairing (SSP) method starting from version V2.1. SSP is more convenient than PIN pairing: it does not require both devices to have input modules and enter the pairing password at the same time; devices with an output module only need to confirm that the same random number is displayed on both screens. Establishing a Bluetooth physical connection through device discovery produces a static SSP password, and authentication completes in four steps. However, this association model provides no protection against man-in-the-middle attacks, and the static SSP password can be easily compromised by such an attack.
3. Security Threats of Bluetooth Technology
Attacks targeting Bluetooth can generally be classified into two types: one applicable to various wireless networks and the other specific to Bluetooth.
3.1 Denial of Service Attack: The principle of a Denial of Service (DoS) attack is to send connection requests to the target continuously within a short time, so that the target cannot establish normal connections with other devices. Bluetooth's logical link control and adaptation protocol allows higher-layer protocols to send and receive 64 KB data packets, which resemble ping packets. Exploiting this property, an attacker can send a large number of ping packets to occupy the Bluetooth interface, rendering it unusable and keeping the radio in a high-frequency operating state, thereby draining the device's battery. The flowchart of the DoS attack is shown in Figure 4.
3.2 Man-in-the-Middle Attack: An attacker positioned between two devices intercepts the data sent by one party and forwards it to the other, obtaining the content of the communication without disturbing the exchange between the two parties. This is a widely used attack method in wireless networks. The low-power Bluetooth technology (Bluetooth Low Energy, BLE) of Bluetooth version 4.0 originally included security measures against man-in-the-middle attacks, but during productization, considerations of power consumption and cost led to insufficient emphasis on this aspect, leaving it vulnerable. The most common method uses a combination of software and hardware Bluetooth attack devices to spoof BLE communication and mount the man-in-the-middle attack. The diagram of the man-in-the-middle attack is shown in Figure 5.
3.3 Vulnerability Eavesdropping: Bluetooth eavesdropping can be achieved by exploiting vulnerabilities in Bluetooth itself. The OBEX (Object Exchange) protocol, which early Bluetooth product specifications did not require to use access control, allows an attacker to connect to the victim's phone without notification, gaining permission to add, delete, or modify multimedia files, SMS messages, and call records on the phone, and even to command the phone to make or receive calls. The code for such attack functionality is written by hackers into mobile software that can be downloaded from the internet. Ordinary users typically operate it through a graphical interface, and some counterfeit phones even ship with this functionality, allowing them to take control of another phone after a successful pairing. However, with the continuous improvement of Bluetooth technology, attacks targeting these early Bluetooth vulnerabilities have become increasingly rare.
3.4 Replay Attack: The principle of a replay attack is to capture or spoof the authentication credentials exchanged by the communicating parties, process them, and then resend them to the attacked party for authentication. Bluetooth transmission uses 79 channels; an attacker can listen on the channels, work out the frequency-hopping timing, and replay an authorized device's credentials to carry out the attack. The V4.2 standard added protocol measures to prevent replay attacks.
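The following added example (not part of the original article) ties section 1.3 and this section together: it models the challenge-response authentication described in 1.3, with the master device as verifier and the authenticated device as claimant, and shows how a fresh random challenge per attempt defeats the replay described here. The function e1_stand_in is a hypothetical HMAC-SHA256 replacement for Bluetooth's real E1; only its inputs (link key, claimant address, random challenge) and output sizes (a 32-bit SRES and a 96-bit ACO) follow the real primitive. The one-second backoff after a failed attempt is an assumed value, since the article gives no figure. Keys and addresses are constructed sample values.

```python
import hashlib
import hmac
import os

# Output lengths follow the Bluetooth authentication primitive: a 32-bit SRES
# (signed response) and a 96-bit ACO (authenticated ciphering offset).
SRES_LEN = 4
ACO_LEN = 12


def e1_stand_in(link_key: bytes, claimant_addr: bytes, rand: bytes) -> tuple:
    """Hypothetical stand-in for Bluetooth E1 (HMAC-SHA256, NOT the real SAFER+-based
    function). Returns (SRES, ACO) from the link key, the claimant's address and the
    verifier's random challenge, mirroring the inputs described in section 1.3."""
    digest = hmac.new(link_key, claimant_addr + rand, hashlib.sha256).digest()
    return digest[:SRES_LEN], digest[SRES_LEN:SRES_LEN + ACO_LEN]


def claimant_respond(link_key: bytes, own_addr: bytes, rand: bytes) -> bytes:
    """The device being authenticated computes its response to a challenge."""
    return e1_stand_in(link_key, own_addr, rand)[0]


class Verifier:
    """Master-device side. Each challenge is random and single-use, so a response
    captured earlier cannot satisfy a later challenge; after a failure no new
    challenge is issued until a waiting time has elapsed (assumed 1 s)."""

    def __init__(self, link_key: bytes, claimant_addr: bytes, backoff_s: float = 1.0):
        self.link_key = link_key
        self.claimant_addr = claimant_addr
        self.backoff_s = backoff_s
        self.outstanding = None   # the single challenge currently awaiting a response
        self.locked_until = 0.0   # simulated time before which no challenge is issued
        self.aco = None           # kept after success; feeds encryption-key derivation

    def challenge(self, now: float) -> bytes:
        if now < self.locked_until:
            raise PermissionError("authentication backoff in effect")
        self.outstanding = os.urandom(16)   # fresh RAND for every attempt
        return self.outstanding

    def verify(self, sres: bytes, now: float) -> bool:
        rand, self.outstanding = self.outstanding, None   # consume the challenge
        if rand is None:
            return False                                  # nothing was asked
        expected, aco = e1_stand_in(self.link_key, self.claimant_addr, rand)
        if hmac.compare_digest(expected, sres):           # constant-time comparison
            self.aco = aco
            return True
        self.locked_until = now + self.backoff_s          # failure: enforce waiting time
        return False


def run_scenario() -> dict:
    # Constructed sample values; not real keys or addresses.
    link_key = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")
    addr_b = bytes.fromhex("aabbccddeeff")
    v = Verifier(link_key, addr_b)

    # 1. Legitimate device B answers a fresh challenge.
    r1 = v.challenge(now=0.0)
    s1 = claimant_respond(link_key, addr_b, r1)
    genuine_ok = v.verify(s1, now=0.1)

    # 2. An eavesdropper who recorded s1 replays it against the next challenge.
    v.challenge(now=1.0)
    replay_ok = v.verify(s1, now=1.1)

    # 3. After that failure the verifier refuses a new challenge until the wait elapses.
    try:
        v.challenge(now=1.2)
        refused_during_backoff = False
    except PermissionError:
        refused_during_backoff = True

    # 4. Once the wait has passed, the real device authenticates again.
    r3 = v.challenge(now=2.5)
    genuine_again = v.verify(claimant_respond(link_key, addr_b, r3), now=2.6)

    # 5. A response arriving with no outstanding challenge is rejected outright.
    stale = v.verify(s1, now=3.0)

    return {
        "genuine_ok": genuine_ok,
        "replay_ok": replay_ok,
        "refused_during_backoff": refused_during_backoff,
        "genuine_again": genuine_again,
        "stale_rejected": not stale,
        "aco_available": v.aco is not None and len(v.aco) == ACO_LEN,
    }


if __name__ == "__main__":
    print(run_scenario())
```

Two design points matter for a defender: the challenge must come from the verifier's own random source (a challenge the claimant or a third party can predict reintroduces the replay), and the ACO retained on success is the value section 1.2 calls the ciphering offset, so a failed or replayed authentication never yields an encryption key.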
3.5 Pairing Eavesdropping: The default four-digit PIN code of Bluetooth V2.0 and earlier versions is easily brute-forced because a short numeric code has only a limited number of combinations. The same applies to Bluetooth V4.0's LE pairing. If an attacker captures enough data frames, they can determine the key by brute force and impersonate the communicating party, achieving their objective.
3.6 Location Attack: Each Bluetooth device has a unique 6-byte serial number as its device address. Because this identifier does not change during use, it can easily leak the device's location. An attacker can determine the geographical location of the attacked device from Bluetooth's frequency-hopping connection mechanism, paging mechanism, device identifiers, and other communication parameters.
3.7 Simple Pairing Mode Attack: The SSP (Secure Simple Pairing) connection method specified by Bluetooth V2.0 is not secure, because its static passwords cannot prevent man-in-the-middle attacks. Once an attacker obtains the password, they can keep attacking for a period of time.
Conclusion
With the rapid adoption of IoT technology in manufacturing, agriculture, and home devices, the application prospects of Bluetooth should not be underestimated, but it also faces significant challenges. We therefore look forward to the necessary security strategies being built into the design of future Bluetooth standards. In addition, when using Bluetooth devices for transmission, users should raise their awareness of Bluetooth device security and use the strongest security mode available.
The above is an analysis of Bluetooth technology’s security vulnerabilities and attack methods presented by Shenzhen Zhuochuang Microelectronics Co., Ltd. If you have Bluetooth product design and development needs, you can trust us with your requirements. We have rich experience in custom development of smart electronic products and can quickly assess development cycles and IC prices, as well as calculate PCBA quotations. We are agents for several domestic and international chip manufacturers: Songhan, Yingguang, Jieli, Ankai, Quanzhi, Realtek, offering MCU, voice IC, BLE Bluetooth IC, dual-mode Bluetooth modules, and WiFi modules. We possess capabilities in hardware design and software development, covering circuit design, PCB design, microcontroller development, custom software development, app development, WeChat public account development, voice recognition technology, Bluetooth development, WiFi technology, and more. We can also undertake R&D for smart electronic products, home appliance solution design, beauty instrument development, IoT application development, smart home solution design, TWS earphone development, Bluetooth speaker development, children’s toy solution development, and electronic education product R&D.