It seems that nothing is safe from technological attacks these days. Attackers will find a way to attack any device or service it is capable of. A recent vulnerability, BLURtooth, attacks the component used to configure authentication keys when pairing Bluetooth enabled devices. Yes, even this is something you have to worry about not being safe.
How the component works
First, we need to take a look at what this component does – Cross Transport Key Derivation (CTKD). It configures two different sets of authentication keys for Bluetooth Low Energy (BLE) and Basic Rate / Enhanced Data Rate (BR / EDR) standards.
This allows CTKD to have both keys ready so that paired devices can decide which version of the Bluetooth standard to use. Mainly, it is used for Bluetooth “dual mode” function.
BLURtooth vulnerability on Bluetooth
What is called the BLURtooth attack was discovered separately by two groups of academics from Purdue University and the École Polytechnique Fédérale de Lausanne.
The Bluetooth Special Interest Group (SIG) and the CERT Coordination Center at Carnegie Mellon University have published notices that an attacker can manipulate the CTKD component to overwrite other Bluetooth authentication keys on a device. It gives the attacker Bluetooth access to other Bluetooth enabled services and applications on that device.
In some versions of the BLURtooth attack, authentication keys can be completely overwritten, but in other versions, authentication keys are only downgraded to use weak encryption on the Bluetooth enabled device.
All devices that use the Bluetooth 4.0 to 5.0 standard are vulnerable to the BLURtooth attack. Bluetooth 5.1 has features that, when enabled, can prevent the attack. Bluetooth SIG officials have started notifying suppliers of Bluetooth devices about BLURtooth attacks.
Patches are not available at this point. The only way to protect against BLURtooth attacks is to prevent man-in-the-middle attacks or associations with untrusted devices that deceive the user. When patches are available, they are expected to be included as firmware or operating system updates for devices.
With the number of Bluetooth enabled devices, they obviously all work on different time frames. Whether or not your device receives a patch will depend on the manufacturer’s priority for security.
For example, I looked at the specs for my iPad and it uses Bluetooth 5.0. Apple would likely handle this in an iPadOS and iOS update. Apple is known to be focused on security, so I have no doubts that this will be supported soon.
BLURtooth is just another reminder of the importance of keeping your devices up to date with the latest firmware and OS. Even though you don’t need the new, updated bells and whistles, they still include security enhancements that help keep you safe.
This was the reason behind an earlier Windows 10 update deliberately interrupting unsecured Bluetooth connections.
Is this article useful?