Bluetooth Impersonation AttackS (BIAS) was found 2020 by Daniele Antonioli, Nils Ole Tippenhauer and Kasper B. Rasmussen. The Bluetooth specification includes authentication mechanisms based on long term pairing key, which are created to protect against impersonation attacks. This attack shows that this mechanisms are not reliable and that an attacker can use the mechanisms to impersonate any master or slave device.
- Victims Alice & Bob share a long term key and support mutual authentication
- Attacker Charlie presents to Bob as Alice and downgrades mutual authentication to unilateral authentication.
- Abuses Bluetooth role switching to become the new authenticator. Authenticates bob and starts a secure session with Bob as Alice without having to authenticate.
- Clone Github https://github.com/francozappa/bias
- CYW920819 devboard
- Google Pixel 2
- Linux laptop that can parse diagnostic messages from CYW920819 devboard and run internalblue. Can be achieved by using vanilla linux-4.14.111 kernel compiled with provided modifications of github.
- Open IF_PIXEL2 File
- Change the btadd to the Bluetooth address of the impersonated device
- Change the btname to the Bluetooth name of the impersonated device
- Change lmin and lmax to set the max and min entropy value for the session key
- Connect the devboard to laptop via USB
- Attach to the devboard with btattach -B /dev/ttyUSB1 -S 115200 &
- Enable the devboard diagnostic mode with sudo python2 enable_diag.py
- Start internalblue with sudo internalblue
- Start wireshark monitoring from internalblue
- Use make generate to create bias.py
- Pair the impersonated victim (Pixel 2) and the other victim device
- Disconnect them and disable Bluetooth on the impersonated device (Pixel 2)
- Start a connection from the victim to the impersonated device (BIAS slave impersonation)
- Start a connection from the attack device to the victim (BIAS master impersonation)
To reduce the lack of integrity protection during secure connection establishment, the standard should force to use the long term key to protect the connection establishment. Before creating a secure connection the long term key should be available. The standard should force to always use the legacy authentication procedure mutually.