
Bluetooth security flaws allow connections to be hijacked; AirDrop unlikely to be affected [U]

Update: Whether AirDrop is vulnerable to this exploit is unclear, but the odds are against it. See the update at the end.

Two newly-discovered Bluetooth security flaws allow attackers to hijack the connections of all devices using Bluetooth 4.2 to 5.4 inclusive – that is, all devices between late 2014 and now.

Six separate exploits have been demonstrated, allowing both device impersonations and man-in-the-middle attacks …

How Bluetooth security works

Bluetooth is intended to be a secure form of wireless comms, with a number of security features. An Apple support document describes six different elements to Bluetooth security.

  • Pairing: The process for creating one or more shared secret keys
  • Bonding: The act of storing the keys created during pairing for use in subsequent connections to form a trusted device pair
  • Authentication: Verifying that the two devices have the same keys
  • Encryption: Message confidentiality
  • Message integrity: Protection against message forgeries
  • Secure Simple Pairing: Protection against passive eavesdropping and protection against man-in-the-middle attacks

However, there are many different generations of the Bluetooth Core Specification, which support different levels of security. This means that the degree of protection you have depends on the Bluetooth version supported by the oldest of the devices involved in a connection. The strength of the session keys is one key factor in the level of protection offered.

Newly-discovered Bluetooth security flaws

It is this latter point which is exploited by what have been termed BLUFFS attacks, as Bleeping Computer explains.

Researchers at Eurecom have developed six new attacks collectively named ‘BLUFFS’ that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) attacks.

Daniele Antonioli, who discovered the attacks, explains that BLUFFS exploits two previously unknown flaws in the Bluetooth standard related to how session keys are derived to decrypt data in exchange [….]

This is achieved by exploiting four flaws in the session key derivation process, two of which are new, to force the derivation of a short, thus weak and predictable session key (SKC).

Next, the attacker brute-forces the key, enabling them to decrypt past communication and decrypt or manipulate future communications.

In other words, your device is tricked into using a very weak security key, which an attacker can trivially break. That enables two types of attack:

  • Device impersonation, where you think you are sending data to a known device (AirDropping something to a friend, for example) when you are really connected to an attacker’s device
  • Man-in-the-Middle (MitM) attack, where you are sending data to the intended device, but the data is intercepted by an attacker so they get a copy too
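The article's core point is that a short, predictable session key makes the long-term pairing secret irrelevant, because an eavesdropper can simply enumerate every possible key. The following Python model is an added illustration and is not code from the researchers, from Apple, or from the Bluetooth specification: the HMAC-based derivation, the toy keystream, the sample key and nonce values, and the 7-byte minimum policy are all assumptions of this example, chosen only to make the size of the search space and the value of a minimum-entropy check concrete.

```python
"""Toy model of session-key entropy negotiation and why a short key is weak.

This is an illustration added to the article, NOT Bluetooth's real key schedule.
Bluetooth BR/EDR uses its own spec-defined key functions; here an HMAC-SHA-256
stands in for them so the effect of truncating the key is easy to see.
"""
import hashlib
import hmac

# Constructed sample values for the demo; not real keys or nonces.
PAIRING_KEY = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")  # 16-byte long-term key
NONCE_A = bytes.fromhex("a1" * 16)  # nonce contributed by one device
NONCE_B = bytes.fromhex("b2" * 16)  # nonce contributed by the other device

# Assumed local policy (an assumption of this example): refuse any session
# whose negotiated key entropy falls below this many bytes.
MIN_ENTROPY_BYTES = 7


def negotiate_entropy(local_max: int, peer_proposed: int, minimum: int = MIN_ENTROPY_BYTES) -> int:
    """Agree on the key entropy in bytes; refuse if the peer drives it below policy."""
    agreed = min(local_max, peer_proposed)
    if agreed < minimum:
        raise ValueError(f"refusing session: negotiated key entropy {agreed} < {minimum} bytes")
    return agreed


def derive_session_key(pairing_key: bytes, nonce_a: bytes, nonce_b: bytes, entropy_bytes: int) -> bytes:
    """Toy derivation: HMAC over both nonces, truncated to the negotiated entropy."""
    full = hmac.new(pairing_key, nonce_a + nonce_b, hashlib.sha256).digest()
    return full[:entropy_bytes]


def keystream(session_key: bytes, length: int) -> bytes:
    """Toy stream cipher: SHA-256 in counter mode over the session key."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(session_key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(session_key: bytes, plaintext: bytes) -> bytes:
    """XOR the plaintext with the toy keystream (decryption is the same operation)."""
    return bytes(p ^ k for p, k in zip(plaintext, keystream(session_key, len(plaintext))))


def search_space(entropy_bytes: int) -> int:
    """Number of candidate keys an eavesdropper must consider for a given entropy."""
    return 256 ** entropy_bytes


def count_candidates_to_recover(ciphertext: bytes, known_plaintext: bytes, entropy_bytes: int, max_entropy: int = 2):
    """Defender-side demonstration of the search-space claim for tiny keys only.

    Enumerates every key of the given (toy) length and returns the matching key
    together with how many candidates were tried. Refuses anything larger than
    max_entropy bytes so the demo stays small; the point is the contrast with
    search_space(16), not a practical attack.
    """
    if entropy_bytes > max_entropy:
        raise ValueError("demo limited to tiny keys")
    for candidate in range(search_space(entropy_bytes)):
        key = candidate.to_bytes(entropy_bytes, "big")
        if encrypt(key, known_plaintext) == ciphertext:
            return key, candidate + 1
    return None, search_space(entropy_bytes)


if __name__ == "__main__":
    print("candidates for a 1-byte key :", search_space(1))
    print("candidates for a 7-byte key :", search_space(MIN_ENTROPY_BYTES))
    print("candidates for a 16-byte key:", search_space(16))
    weak_key = derive_session_key(PAIRING_KEY, NONCE_A, NONCE_B, 1)
    sample = b"constructed sample message"
    recovered, tries = count_candidates_to_recover(encrypt(weak_key, sample), sample, 1)
    print("1-byte key recovered after", tries, "candidates")
    try:
        negotiate_entropy(16, 1)
    except ValueError as exc:
        print("policy check:", exc)
```

The contrast the model makes is the one the article describes: with the full 16-byte key the 128-bit search space is out of reach, while a 1-byte key is recovered in at most 256 trials regardless of how strong the pairing key was. The `negotiate_entropy` check is the defensive counterpart, a minimum-entropy policy at the point where the key length is agreed, which is the kind of implementation-level change the article says must come from device manufacturers rather than users.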

All devices are vulnerable

Because the flaws are in the actual Bluetooth architecture, all devices running Bluetooth 4.2 (introduced in December 2014) to Bluetooth 5.4 (introduced in February 2023) are vulnerable. This includes the latest iPhones, iPads and Macs.

There is nothing users can do to fix the vulnerabilities – it needs device manufacturers to make changes to the way they implement Bluetooth security, rejecting the lower-security modes used to communicate with older and cheaper devices. It’s unclear whether patches can be released for existing devices.

Update: Is AirDrop vulnerable to this?

The short answer is: We don’t know.

AirDrop is a proprietary Apple protocol which uses a combination of Bluetooth Low Energy (for discovery) and peer-to-peer Wi-Fi (for the transfer itself). Apple describes the process as follows:

When a user chooses AirDrop as the method for sharing an item, the sending device emits an AirDrop signal over BLE that includes the user’s AirDrop short identity hash. Other Apple devices that are awake, in close proximity and have AirDrop turned on detect the signal and respond using peer-to-peer Wi-Fi so that the sending device can discover the identity of any responding devices.

In all likelihood, an attacker would need to combine one of these exploits with a separate compromise of the Wi-Fi element of the communication. On this basis, it would seem unlikely that AirDrop is compromised by these attacks. However, if you are concerned – or the stakes are high – you may wish to avoid sending anything sensitive via Bluetooth in a public place. This includes AirDropping personal photos, or documents containing personal information.


Author: Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!
