By Rajeev Chauhan
http://www.cysectips.blogspot.in
https://www.facebook.com/cyberoxen
http://cyberoxen.com
Bluetooth Security
Step by Step Analysis
cyberoxen
Bluetooth Security
● Establishing the BT communication depends on pair codes (PINs).
● PIN cracked... aim achieved.
● Source: Cracking the Bluetooth PIN by Yaniv Shaked and Avishai Wool.
Bluetooth Connectivity
● Basic Trivia:
– PIN: Personal Identification Number.
● The PIN code is 1-8 bytes long (8-128 bits).
● Most devices use PIN sizes of 4 decimal digits.
– BD_ADDR: Each Bluetooth device has a 48 bit unique address that is called the Bluetooth Device Address.
– Pairing: The process in which two (or more) Bluetooth devices hook up to create a shared secret value called K_init. The K_init forms the basis for all future Bluetooth negotiations between these two devices.
Image ref http://www.hudo.com/joke/men-women-bluetooth-and-wi-fi/
Bluetooth Pairing and Authentication
● It involves:
– Creation of the Initialisation key (K_init).
– Creation of the Link Key (K_ab).
– Authentication.
– Deriving the Encryption Key for communication.
Creation of K_init
The K_init key is created using the E22 algorithm, whose inputs are:
● BD_ADDR.
● The PIN code and its length.
● A 128 bit random number IN_RAND (transmitted in plain text).
● This algorithm outputs a 128 bit word, which is referred to as the initialization key (K_init).
Fig ref: http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
Creation of K_ab
● Using the E21 algorithm, both devices create the link key K_ab. The inputs of the E21 algorithm are:
1. A BD_ADDR.
2. The 128 bit random number LK_RAND.
● The devices use the initialization key to exchange two new 128 bit random words, known as LK_RAND_A and LK_RAND_B.
● Each device selects a random 128 bit word and sends it to the other device after bitwise XORing it with K_init.
Fig ref: http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
Mutual Authentication
● The inputs to E1 are:
1. The random word AU_RAND_A.
2. The link key K_ab.
3. The claimant's own Bluetooth device address (BD_ADDR_B).
● This process is based on a challenge-response scheme.
● One of the devices, the verifier, randomizes and sends (in plaintext) a 128 bit word called AU_RAND_A; when the roles are swapped, the other one, the claimant, sends AU_RAND_B.
● The claimant calculates a 32 bit word called SRES using the algorithm E1. The claimant sends the 32 bit SRES word as a reply to the verifier, who verifies the response word by performing the same calculation.
● This process is done at both ends.
● As a side effect of the authentication process, a 96 bit word called ACO is calculated by both peers, which is used during the creation of the encryption key.
Fig ref: http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
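The pairing and mutual-authentication flow of the preceding slides, run end to end as an added example that is not part of the original deck or of the Shaked-Wool paper. E22, E21 and E1 are HMAC-SHA256 stand-ins that only keep the input/output shapes of the real SAFER+-based algorithms (assumption), the model assumes E22 takes the slave's BD_ADDR, and the addresses and PINs are constructed sample values.

```python
import hashlib
import hmac
import os

KEY_LEN = 16   # 128-bit K_init, K_ab and random words, as on the slides
SRES_LEN = 4   # 32-bit SRES
ACO_LEN = 12   # 96-bit ACO


def _prf(label: bytes, key: bytes, *parts: bytes, n: int) -> bytes:
    """HMAC-SHA256 stand-in for the SAFER+-based E22/E21/E1 (constructed, not the spec)."""
    return hmac.new(key, label + b"|".join(parts), hashlib.sha256).digest()[:n]


def e22(bd_addr: bytes, pin: bytes, in_rand: bytes) -> bytes:
    """K_init from a BD_ADDR, the PIN with its length, and the plaintext IN_RAND."""
    return _prf(b"E22", pin, bd_addr, bytes([len(pin)]), in_rand, n=KEY_LEN)


def e21(bd_addr: bytes, lk_rand: bytes) -> bytes:
    """One device's contribution to K_ab, from its BD_ADDR and its LK_RAND."""
    return _prf(b"E21", lk_rand, bd_addr, n=KEY_LEN)


def e1(k_ab: bytes, au_rand: bytes, claimant_addr: bytes) -> tuple:
    """Challenge-response: returns (32-bit SRES, 96-bit ACO)."""
    out = _prf(b"E1", k_ab, au_rand, claimant_addr, n=SRES_LEN + ACO_LEN)
    return out[:SRES_LEN], out[SRES_LEN:]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pair_and_authenticate(pin_a: bytes, pin_b: bytes, addr_a: bytes, addr_b: bytes,
                          rng=os.urandom) -> dict:
    """Run the seven numbered messages between master A and slave B.

    pin_a / pin_b are the PINs typed on each side (equal in a normal pairing).
    Returns the plaintext transcript an observer sees plus what each side derived.
    """
    # Messages 1-3: pairing.  Model assumption: E22 takes the slave's BD_ADDR.
    in_rand = rng(KEY_LEN)                           # msg 1, sent in the clear
    k_init_a = e22(addr_b, pin_a, in_rand)
    k_init_b = e22(addr_b, pin_b, in_rand)
    lk_rand_a, lk_rand_b = rng(KEY_LEN), rng(KEY_LEN)
    msg2 = xor(lk_rand_a, k_init_a)                  # LK_RAND_A masked with K_init
    msg3 = xor(lk_rand_b, k_init_b)                  # LK_RAND_B masked with K_init
    # Each side unmasks the peer's word with its own K_init, then combines both halves.
    k_ab_a = xor(e21(addr_a, lk_rand_a), e21(addr_b, xor(msg3, k_init_a)))
    k_ab_b = xor(e21(addr_a, xor(msg2, k_init_b)), e21(addr_b, lk_rand_b))

    # Messages 4-5: A (verifier) challenges B (claimant).
    au_rand_a = rng(KEY_LEN)                         # msg 4, plaintext challenge
    sres_b, aco_b = e1(k_ab_b, au_rand_a, addr_b)    # msg 5, B's 32-bit response
    expected_b, aco_a = e1(k_ab_a, au_rand_a, addr_b)
    a_accepts_b = hmac.compare_digest(sres_b, expected_b)

    # Messages 6-7: roles swap, B challenges A.
    au_rand_b = rng(KEY_LEN)                         # msg 6
    sres_a, _ = e1(k_ab_a, au_rand_b, addr_a)        # msg 7
    expected_a, _ = e1(k_ab_b, au_rand_b, addr_a)
    b_accepts_a = hmac.compare_digest(sres_a, expected_a)

    return {
        "transcript": [in_rand, msg2, msg3, au_rand_a, sres_b, au_rand_b, sres_a],
        "k_ab_match": k_ab_a == k_ab_b,
        "aco_match": aco_a == aco_b,
        "authenticated": a_accepts_b and b_accepts_a,
    }


# Constructed sample addresses and a typical 4 decimal digit PIN.
ADDR_A = bytes.fromhex("001122334455")
ADDR_B = bytes.fromhex("66778899aabb")
if __name__ == "__main__":
    print(pair_and_authenticate(b"1234", b"1234", ADDR_A, ADDR_B)["authenticated"])
    print(pair_and_authenticate(b"1234", b"1235", ADDR_A, ADDR_B)["authenticated"])
```

Every item in the returned transcript is sent in the clear; only the PIN (through K_init) ties the seven messages together, which is why a mismatched PIN fails the SRES checks.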
Bluetooth PIN Cracking
● Messages sent during the pairing and authentication process (see figure).
Fig ref: http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
Bluetooth PIN Cracking
● The attacker eavesdrops on the complete process.
● All messages are recorded.
● The attacker enumerates all possible values of the PIN.
● The attacker runs E22 with inputs IN_RAND, the BD_ADDR and the guessed PIN, and obtains a hypothesis for K_init, used to decode messages 2 and 3.
● Messages 2 and 3 contain enough information to give the attacker a hypothesis of K_ab.
● Using K_ab and the transmitted AU_RAND_A (message 4), the attacker calculates SRES and compares it to the data of message 5.
● The attacker can use the values of messages 6 and 7 to re-verify the hypothesis of K_ab until the correct PIN is found.
Fig ref: http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
Brute Force Algorithm
Fig ref: http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
Bluetooth PIN Cracking
● Only fully successful against PIN values of under 64 bits.
● If the PIN is longer, then with high probability there will be multiple PIN candidates, since the two SRES values only provide 64 bits of data.
● A 64 bit PIN is equivalent to a 19 decimal digit PIN.
● The Bluetooth pairing and authentication process uses three algorithms: E22, E21, E1.
● All of these algorithms are based on the SAFER+ cipher.
Fig ref: http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
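The PIN-length arithmetic behind the 64-bit limit and the 19 digit figure, as an added defender's calculation that is not from the deck or the paper; it generalizes the slides' numbers to any decimal PIN length. Assumptions: a purely decimal PIN, E1 treated as a random function so that a wrong PIN passes both 32-bit SRES checks with probability 2^-64, and the slides' 0.06-0.3 s figure for 4 digits scaling linearly with the size of the key space.

```python
import math

SRES_BITS = 64          # two 32-bit SRES values (messages 5 and 7) seen per session
T_4DIGIT = (0.06, 0.3)  # seconds to exhaust a 4 decimal digit PIN, figure from the slides
BASELINE_DIGITS = 4


def pin_bits(digits: int) -> float:
    """Key-space size of an all-decimal PIN of the given length, in bits."""
    return digits * math.log2(10)


def max_decimal_digits_under(bits: int) -> int:
    """Longest decimal PIN whose key space still fits in `bits` bits."""
    return math.floor(bits / math.log2(10))


def expected_false_candidates(digits: int) -> float:
    """Expected number of wrong PINs that still match both observed SRES values.

    Assumption: each wrong PIN survives the 64-bit SRES filter with probability 2^-64.
    """
    return 10 ** digits / 2 ** SRES_BITS


def brute_force_seconds(digits: int) -> tuple:
    """Extrapolate the slides' 4-digit timing linearly in key-space size (assumption)."""
    scale = 10 ** (digits - BASELINE_DIGITS)
    return (T_4DIGIT[0] * scale, T_4DIGIT[1] * scale)


def pin_policy_report(digits: int) -> dict:
    """Defender's view of a PIN-length policy: strength, uniqueness, attacker cost."""
    false_candidates = expected_false_candidates(digits)
    return {
        "bits": round(pin_bits(digits), 1),
        # Below 64 bits the transcript pins down a single PIN; above it, several survive.
        "unique_after_two_sres": false_candidates < 1,
        "expected_false_candidates": false_candidates,
        "exhaustive_search_seconds": brute_force_seconds(digits),
    }


if __name__ == "__main__":
    for d in (4, 6, 8, 16, 19, 20):
        print(d, pin_policy_report(d))
```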
The Re-Pairing attack
● Assumptions:
– Both the devices are already paired once.
– Pairing process completed.
– Link Key K_ab stored in each device.
– The attacker needs to record all the messages and crack the PIN using the Basic attack.
– The devices proceed directly to the Authentication phase (there is no pairing to eavesdrop on).
– The attacker must therefore force the devices to repeat the pairing process.
– Bluetooth specifications allow a Bluetooth
The Re-Pairing attack
● Three different approaches.
● First Method:
– The master device sends the slave an AU_RAND message, and expects the SRES message in return.
– (A slave that has forgotten the link key sends an "LMP_not_accepted" message in return, to let the master know.)
– The attacker injects an LMP_not_accepted message toward the master. This will make the master re-initiate the pairing.
– Restarting the pairing procedure causes the master to discard the link key.
The Re-Pairing attack
● Second Method:
– Before the master device sends the slave an AU_RAND message, the attacker injects an IN_RAND message toward the slave.
– The slave device will be convinced the master has lost the link key, and pairing is restarted.
– This will cause the connection establishment to restart.
The Re-Pairing attack
● Third Method:
– After the master has sent the AU_RAND, an attacker injects a random SRES message toward the master.
– This causes the authentication phase to restart, and repeated attempts will be made.
– At some point, after a certain number of failed authentication attempts, the master device is expected to declare that the authentication procedure has failed and initiate pairing.
The Re-Pairing attack
● Culmination:
– This assures the pairing process will occur during the next connection establishment, so the attacker will be able to eavesdrop on the entire process and use the basic method to crack the PIN.
– After breaking the PIN (0.06-0.3 sec for a 4 digit PIN), the attacker can decode the saved messages, and continue to eavesdrop on and decode the communication on the fly.
– Since Bluetooth supports a bit rate of 1 Megabit per second, a 40KB buffer (about 0.3 seconds of traffic at that rate, the time needed to crack a 4 digit PIN) is more than enough for the common case of a 4 digit PIN.
Countermeasures
● Enter the PIN into the Bluetooth device for pairing as rarely as possible (every pairing exposes the PIN exchange to eavesdropping).
● Use a PIN longer than 6 digits.
● The PIN length ranges from 8 to 128 bits. Devices should ask for longer bit lengths.
● Set the Bluetooth device in "non-discoverable mode/hidden mode".
● Apply application level security in addition to BT authentication, i.e. a password.
Countermeasures
● Use the strongest Bluetooth security mode available on the device.
● Avoid use of standard commercial Bluetooth headsets.
● Disable Bluetooth functionality when not in use. Use shorter range Class 2 or 3 devices.
● Make devices discoverable only when necessary.
● Pair Bluetooth devices in a secure area using long and randomly
INFORMATION SOURCES
● http://www.mysecurecyberspace.com/encyclopedia/index/pin-cracking.html
● http://www.eng.tau.ac.il/~yash/shaked-wool-mobisys05/
● https://www.sans.org/reading-room/whitepapers/wireless/bluetooth-inherent-security-issues-945
● http://pervasive.cs.uah.edu/PSP/BluetoothSecurity
● http://www.techradar.com/news/networking/bluetooth-jumps-to-4-1-makes-an-early-leap-for-the-internet-of-things-1204915

Bluetooth Hacking: Cracking the PIN and Repairing Attack
