Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange.
Bluetooth firmware or operating system software drivers may not
sufficiently validate elliptic curve parameters used to generate public
keys during a Diffie-Hellman key exchange, which may allow a remote
attacker to obtain the encryption key used by the device.
CWE-325: Missing Required Cryptographic Step – CVE-2018-5383
Bluetooth utilizes a device pairing mechanism based on
elliptic-curve Diffie-Hellman (ECDH) key exchange to allow encrypted
communication between devices. The ECDH key pair consists of a private
and a public key, and the public keys are exchanged to produce a shared
pairing key. The devices must also agree on the elliptic curve
parameters being used. Previous work on the “Invalid Curve Attack”
showed that the ECDH parameters are not always validated before being
used to compute the resulting shared key. If an implementation does not
validate all of the parameters before computing the shared key, the
attacker's effort to obtain the private key of the device under attack
is reduced.
In some implementations, the elliptic curve parameters are not all
Both Bluetooth low energy (LE) implementations of Secure Connections
Since the vulnerability was identified, the Bluetooth SIG has updated
unauthenticated, remote attacker within range may be able to utilize a
man-in-the-middle network position to determine the cryptographic keys
used by the device. The attacker can then intercept and decrypt and/or
forge and inject device messages.
Apply an update
Both software and firmware updates are expected over the coming weeks.