Bluetooth presents vulnerability that allows hacking

The Bluetooth specification presents a vulnerability that allows hackers to break the security system of any device that is establishing a connection of this type so that it is possible to access or modify the files that are being sent.

Researchers from the University of Technology and Design of Singapore, the University of Oxford (United Kingdom) and the CISPA Helmholtz Information Security Center (Germany) revealed a weakness in the negotiation protocol that allows users to contact the archives even alter the content sent by Bluetooth.

The researchers decided to call this type of cyberattacks as ‘Key Negotiation of Bluetooth‘ or KNOB attack because it affects any device that is compatible with Bluetooth technology.

Bluetooth has a protocol that allows the establishment of encrypted negotiation with only eight entropy bits, that is, the randomness established by a system as the basis for encryption systems.

With only eight possible combinations, this allows a hacker, through a brute force attack consisting simply of trying different combinations, negotiate the encrypted codes and then manipulate the codes in real time.

The researchers contacted several entities related to Bluethooth technology to report this error: the Bluetooth Special Interest Group (Bluetooth SIG), the standards organization that oversees the development of Bluetooth standards, the CERT Coordination Center and the Advanced Internet Cybersecurity Center (ICASI).

K. Tovar

Source: La Voz