Researchers have found a flaw in Bluetooth’s authentication protocols that can be exploited in a clever way. The flaw affects almost all Bluetooth devices, but fortunately for everyone there are no signs that it has been used so far.
A newly discovered vulnerability in the Bluetooth protocol shows how a malicious actor can reduce the strength of the encryption keys used when pairing Bluetooth devices, and as a result gain complete control over them. The flaw has been identified by the official body behind the Bluetooth standard.
The way it works is quite creative. Instead of trying to brute-force a pairing with your device, an attacker can interfere with the normal pairing procedure, at the point where both devices have to agree on the connection through an exchange of public keys that verify their identities. These keys change every time, but if the attacker can guess them fast enough, they can force a shorter encryption key for the next pairing.
The flaw was discovered by researchers from the Singapore University of Technology and Design. Tests were conducted on more than 17 different Bluetooth chips, and all of them were vulnerable to the KNOB attack. Exploiting the flaw is challenging, however: the attacker has to intercept and re-transmit the key length negotiation messages between the two devices while blocking the transmissions from both sides.
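To show why the key length negotiation described above matters on the defending side, here is a simplified model of that negotiation with the check that stops a forced-short key: the responder refuses any negotiated size below a policy floor. This is an added example, not code from the article or the researchers; the message layout, the 7-byte floor and the 16-byte maximum are assumptions of the model, not the real Bluetooth wire format.

```python
# Added example: simplified key-size negotiation with a defender-side floor.
# Layout and thresholds are assumptions for this model, not the real LMP format.
from dataclasses import dataclass

MIN_KEY_SIZE = 7   # assumed policy floor in bytes for accepting a negotiated key
MAX_KEY_SIZE = 16  # assumed maximum key size a device can offer


@dataclass
class Device:
    name: str
    max_key_size: int = MAX_KEY_SIZE
    min_key_size: int = MIN_KEY_SIZE  # an unpatched device would accept as low as 1


def propose(dev: Device) -> int:
    """Key size the initiator offers in its key-size request."""
    return dev.max_key_size


def accept(dev: Device, proposed: int) -> tuple[bool, int]:
    """Responder's decision: settle on the smaller of the two maxima, then
    reject the result if it falls below this device's policy floor."""
    agreed = min(proposed, dev.max_key_size)
    if agreed < dev.min_key_size:
        return False, agreed
    return True, agreed


def negotiate(initiator: Device, responder: Device, tamper=None):
    """Run one negotiation. `tamper` models an in-path party rewriting the
    initiator's proposal before it reaches the responder (the interference
    the article describes). Returns (accepted, key_size, audit_log)."""
    log = []
    size = propose(initiator)
    log.append(f"{initiator.name} proposes key size {size}")
    if tamper is not None:
        size = tamper(size)
        log.append(f"proposal seen in flight with key size {size}")
    ok, agreed = accept(responder, size)
    verdict = "accepts" if ok else "REJECTS"
    log.append(f"{responder.name} {verdict} key size {agreed}")
    return ok, agreed, log
```

Compare a responder with the floor against one with `min_key_size=1`: only the latter ends up on a one-byte key when the proposal is rewritten.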