
New research on Bluetooth vulnerability


Professor Kasper Rasmussen is part of an international team of researchers that authored a paper exposing a vulnerability in the Bluetooth wireless communication protocol, which is commonly used to connect personal devices. The vulnerability enables an attacker to listen in on, or change the content of, information shared between Bluetooth devices, even if the devices have previously been successfully paired.

In the paper, titled “The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR”, the researchers present an attack on the key negotiation of the Bluetooth protocol (KNOB). The attack exploits a mechanism present in all standard-compliant Bluetooth devices, which enables the negotiation of a cryptographic key with reduced entropy. The Bluetooth protocol is present in everyday items such as mobile phones and wireless headphones, and the attack therefore impacts all such devices. The attack targets the firmware of the Bluetooth chip, which means that a firmware upgrade is required to fix the problem.

The attack and proof-of-concept code have demonstrated the vulnerability, which has been taken very seriously by industry. In November 2018, the details of the attack were shared with the Bluetooth Special Interest Group—the standards organization that oversees the development of Bluetooth standards—and with the CERT Coordination Center and the International Consortium for Advancement of Cybersecurity on the Internet (ICASI). Since the attack was disclosed to industry in late 2018, some vendors may have implemented workarounds for the vulnerability on their devices.

Read more details and the full paper here: https://knobattack.com/