KNOB Attack

Key Negotiation of Bluetooth Attack: Breaking Bluetooth Security


About the KNOB Attack

TL;DR: The Bluetooth specification includes an encryption key negotiation protocol that lets two devices agree on encryption keys with as little as 1 byte of entropy, and it does not protect the integrity of that negotiation. A remote attacker can therefore manipulate the entropy negotiation so that any standard-compliant Bluetooth device negotiates an encryption key with 1 byte of entropy, and then brute force the resulting low-entropy key in real time.

Bluetooth is a wireless communication protocol commonly used between low-power devices to transfer data, e.g., between a wireless headset and a phone, or between two laptops. Bluetooth communications may carry private and/or sensitive data, and the Bluetooth standard provides security features to protect against someone who wants to eavesdrop on and/or manipulate that information. We found and exploited a severe vulnerability in the Bluetooth specification that allows an attacker to break the security mechanisms of Bluetooth for any standard-compliant device. As a result, an attacker is able to listen to, or change the content of, nearby Bluetooth communication, even between devices that have previously been successfully paired.
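The following simulation is an added example, not code from the KNOB project or its repository. It models the two ingredients the attack relies on: a key-size negotiation that nobody authenticates, so an attacker on the link can rewrite the proposed entropy down to 1 byte, and the 256-candidate brute force that follows. Two simplifications are assumptions of this example: the cipher is a SHA-256-based stream cipher standing in for Bluetooth's E0, and entropy reduction is modelled as "keep the first L key bytes, zero the rest" rather than the specification's polynomial reduction (the key-space size, 256**L, is the same). The 7-octet floor in the patched path is the minimum encryption key length the Bluetooth SIG recommended in response to KNOB.

```python
"""Simulation of the KNOB entropy downgrade and key brute force.

Added example; not the KNOB project's code.  Assumptions:
  - the stream cipher below stands in for E0,
  - reduce_entropy() keeps L key bytes and zeroes the rest instead of
    applying the specification's polynomial reduction.
"""
import hashlib
import itertools
from typing import Optional

KEY_LEN = 16          # Bluetooth BR/EDR link and encryption keys are 16 bytes
SIG_MIN_KEY_SIZE = 7  # minimum key length (octets) recommended after KNOB


def reduce_entropy(link_key: bytes, entropy: int) -> bytes:
    """Session key with only `entropy` bytes of entropy (simplified model)."""
    if not 1 <= entropy <= KEY_LEN:
        raise ValueError("entropy must be between 1 and 16 bytes")
    return link_key[:entropy] + bytes(KEY_LEN - entropy)


def keystream(key: bytes, length: int) -> bytes:
    """Hash-based keystream; stand-in for E0, not E0 itself."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, data: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


decrypt = encrypt  # XOR stream cipher: decryption is the same operation


def negotiate_key_size(initiator_max: int, responder_max: int,
                       mitm_override: Optional[int] = None,
                       min_key_size: int = 1) -> int:
    """Model of the LMP key-size negotiation.

    The initiator proposes its maximum entropy and the responder accepts
    the minimum of that proposal and its own maximum.  The proposal is
    neither encrypted nor integrity-protected, so an attacker on the link
    can replace it (`mitm_override`).  `min_key_size` is the local floor
    a patched device enforces; the unpatched default accepts 1.
    """
    proposal = initiator_max if mitm_override is None else mitm_override
    agreed = min(proposal, responder_max)
    if agreed < min_key_size:
        raise ValueError(f"negotiated key size {agreed} < minimum {min_key_size}")
    return agreed


def brute_force(ciphertext: bytes, known_prefix: bytes,
                entropy: int) -> tuple:
    """Attacker side: try every key in the reduced space and check the
    decryption against known plaintext.  Returns (key, candidates_tried).
    Bluetooth packets carry predictable headers, so assuming a few known
    plaintext bytes is realistic."""
    tried = 0
    for candidate in itertools.product(range(256), repeat=entropy):
        tried += 1
        key = bytes(candidate) + bytes(KEY_LEN - entropy)
        if decrypt(key, ciphertext[:len(known_prefix)]) == known_prefix:
            return key, tried
    return None, tried


def knob_attack(link_key: bytes, plaintext: bytes, known_prefix: bytes,
                min_key_size: int = 1) -> dict:
    """Run the whole exchange with an attacker forcing 1 byte of entropy."""
    agreed = negotiate_key_size(16, 16, mitm_override=1,
                                min_key_size=min_key_size)
    session_key = reduce_entropy(link_key, agreed)   # both victims derive this
    ciphertext = encrypt(session_key, plaintext)     # sent over the air
    recovered_key, tried = brute_force(ciphertext, known_prefix, agreed)
    return {
        "agreed_entropy": agreed,
        "candidates_tried": tried,
        "recovered_key": recovered_key,
        "recovered_plaintext": decrypt(recovered_key, ciphertext)
        if recovered_key else None,
    }


if __name__ == "__main__":
    # Constructed sample data: a fixed link key and a packet with a known header.
    demo_link_key = bytes(range(0xA5, 0xA5 + KEY_LEN))
    result = knob_attack(demo_link_key, b"HDR:secret payload", b"HDR:")
    print(result)
    try:
        knob_attack(demo_link_key, b"HDR:x", b"HDR:", min_key_size=SIG_MIN_KEY_SIZE)
    except ValueError as exc:
        print("patched device rejects downgrade:", exc)
```

The brute force never needs more than 256 trial decryptions, which is why the attack works in real time; raising the accepted minimum to 7 octets makes the same search 256**7 trials. The check a practitioner wants is the one in `negotiate_key_size`: a device that enforces a floor refuses the downgraded session instead of accepting it.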

We call our attack the Key Negotiation of Bluetooth (KNOB) Attack. Because this attack affects basically all devices that "speak Bluetooth", we decided to coordinate public disclosure with industry to try to make sure that workarounds could be put in place. In November 2018 we shared details of the attack with the Bluetooth Special Interest Group (Bluetooth SIG), the standards organisation that oversees the development of Bluetooth standards, as well as with the CERT Coordination Center and the International Consortium for Advancement of Cybersecurity on the Internet (ICASI), an industry-led coordination body founded by Intel, Microsoft, Cisco, Juniper and IBM.

Video recording of the KNOB attack presentation at USENIX Security 2019 by Daniele Antonioli:

For more information on affected systems see CVE-2019-9506. The technical details of the attack are available in our research paper and our slides. Our repository contains the code that we developed to implement and test the KNOB attack, including our PoC and our implementation of the E0 cipher.

Are my Devices Vulnerable?

The KNOB attack is possible due to flaws in the Bluetooth specification. As such, any standard-compliant Bluetooth device can be expected to be vulnerable. We conducted KNOB attacks on more than 17 unique Bluetooth chips (by attacking 24 different devices). At the time of writing, we had tested chips from Broadcom, Qualcomm, Apple, Intel, and Chicony. All devices that we tested were vulnerable to the KNOB attack.

After we disclosed our attack to industry in late 2018, some vendors might have implemented workarounds for the vulnerability on their devices. So the short answer is: if your device was not updated after late 2018, it is likely vulnerable. Devices updated afterwards might be fixed.

References (not exhaustive): [Bluetooth SIG: Erratum 11838 note] [NVD NIST] [CVE] [CERT] [Intel] [Cypress (login required)] [Android] [Marvell] [Huawei] [Microsoft] [Apple: macOS, iOS, watchOS, tvOS] [Linux: Debian, Red Hat, Ubuntu] [GitHub: CVE code, CVE issues] [Cisco] [BlackBerry]

Team

The KNOB attack was identified, investigated, and demonstrated by an international team of researchers.

Media Coverage

Non-English News