... | @@ -129,7 +129,7 @@ BLE is designed to allow devices to advertise and discover services continuously |
... | @@ -129,7 +129,7 @@ BLE is designed to allow devices to advertise and discover services continuously |
|
|
|
|
|
To mitigate this risk, BLE uses a cryptographic key called the Identity Resolving Key to transform the device's permanent address into a series of temporary addresses. From the perspective of anyone who does not know the Identity Resolving Key, these temporary addresses appear random and cannot be linked to one another. Devices that have been paired know each other's Identity Resolving Keys and can therefore recognise each other's temporary addresses and communicate with each other.
|
|
To mitigate this risk, BLE uses a cryptographic key called the Identity Resolving Key to transform the device's permanent address into a series of temporary addresses. From the perspective of anyone who does not know the Identity Resolving Key, these temporary addresses appear random and cannot be linked to one another. Devices that have been paired know each other's Identity Resolving Keys and can therefore recognise each other's temporary addresses and communicate with each other.
|
|
|
|
|
|
##### CVE 2020-12856
|
|
##### Silent Pairing Attack
|
|
|
|
|
|
During our research we encountered an open vulnerability which is extremely relevant to the public mesh application development space. [CVE-2020-12856: A Silent Pairing Issue in Bluetooth-based Contact Tracing Apps](https://raw.githubusercontent.com/alwentiu/COVIDSafe-CVE-2020-12856/master/CVE-2020-12856-19-June-2020.pdf) by authors Alwen Tiu and Jim Mussared, released in May 2020, describes an attack which silently creates a pairing between the attacker's device and a victim device. This results in the attacker learning the victim's Identity Resolving Key. The attacker can use this key to translate the victim's temporary addresses back to the permanent address, thus enabling the attacker to track the victim's movements.
|
|
During our research we encountered an open vulnerability which is extremely relevant to the public mesh application development space. [CVE-2020-12856: A Silent Pairing Issue in Bluetooth-based Contact Tracing Apps](https://raw.githubusercontent.com/alwentiu/COVIDSafe-CVE-2020-12856/master/CVE-2020-12856-19-June-2020.pdf) by authors Alwen Tiu and Jim Mussared, released in May 2020, describes an attack which silently creates a pairing between the attacker's device and a victim device. This results in the attacker learning the victim's Identity Resolving Key. The attacker can use this key to translate the victim's temporary addresses back to the permanent address, thus enabling the attacker to track the victim's movements.
|
|
|
|
|
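Review bot: renaming the heading from "CVE 2020-12856" to "Silent Pairing Attack" drops the CVE identifier from the heading, which is the string most readers will search for; consider keeping both, e.g. `##### Silent Pairing Attack (CVE-2020-12856)` (the old heading also lacked the hyphen that the canonical CVE format uses). Separately, the unchanged context says the paper was "released in May 2020", while the linked PDF's filename carries `19-June-2020`; worth confirming which date is correct before this lands, since the paragraph is otherwise the only place the reference is dated.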
... | @@ -137,7 +137,7 @@ In most public mesh protocols, each device uses some sort of publicly-identifiab |
... | @@ -137,7 +137,7 @@ In most public mesh protocols, each device uses some sort of publicly-identifiab |
|
|
|
|
|
The attack also allows the attacker to exploit the silently created pairing to act as a trusted peripheral such as a Bluetooth keyboard, giving the attacker control over the victim's device.
|
|
The attack also allows the attacker to exploit the silently created pairing to act as a trusted peripheral such as a Bluetooth keyboard, giving the attacker control over the victim's device.
|
|
|
|
|
|
##### Pairing Fix
|
|
##### Silent Pairing Fix
|
|
|
|
|
|
As part of our BLE work on this project, we have put together a patch for the BLESSED library that we are using, which fixes this vulnerability by proxying GATT read and write values to remove the authentication flag which triggers automatic pairing. [TODO link the patch when we are eventually able to]
|
|
As part of our BLE work on this project, we have put together a patch for the BLESSED library that we are using, which fixes this vulnerability by proxying GATT read and write values to remove the authentication flag which triggers automatic pairing. [TODO link the patch when we are eventually able to]
|
|
|
|
|
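Review bot: the heading rename to "Silent Pairing Fix" is fine, but the context line still ends with `[TODO link the patch when we are eventually able to]`, which reads as an unfinished placeholder in published text; either attach the patch link in this change or move the reminder to a tracked issue so the document does not ship with a TODO. The description "remove the authentication flag which triggers automatic pairing" is also underspecified for a reader trying to verify the fix: state which GATT characteristic permission or property the proxy strips and on which side (read versus write) it applies, so the mitigation can be checked against the paper's description of the silent pairing trigger.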
... | | ... | |