BlueZ: How to avoid fixed Coordinate Invalid Curve Attack

* BlueZ: How to avoid fixed Coordinate Invalid Curve Attack
@ 2018-08-28  9:42 Andy Duan
  2018-08-28  9:56 ` Marcel Holtmann
  0 siblings, 1 reply; 5+ messages in thread
From: Andy Duan @ 2018-08-28  9:42 UTC (permalink / raw)
  To: rtatiya, luiz.von.dentz, marcel, johan.hedberg, Asim Zaidi
  Cc: linux-bluetooth

[-- Attachment #1: Type: text/plain, Size: 2943 bytes --]

Hi all,

Do you have patches for BlueZ to avoid Bluetooth curve attack ?

As I know, Many vendors supply Android Flueride host fixes & Firmware fixes to avoid the curve attack, but BlueZ community doesn't have the topic. Does there have plan to fix the hole ?

Summary

Bluetooth firmware or operating system software drivers may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
Impact

  *   An unauthenticated, remote attacker within range may be able to utilize a man-in-the-middle network position to determine the cryptographic keys used by the device.
  *   The attacker can then intercept and decrypt and/or forge and inject device messages.
  *   The attack exploits the vulnerability on both participating devices simultaneously. If any one of them is patched, the attack does not work
  *   Every Bluetooth chip manufactured by Intel, Broadcom or Qualcomm is likely affected.
 NXP Potential Impact

  *   Potentially all products listed in this link  below will be susceptible
     *   https://www.nxp.com/products/wireless-connectivity/bluetooth-low-energy-ble:BLUETOOTH-LOW-ENERGY-BLE<https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.nxp.com%2Fproducts%2Fwireless-connectivity%2Fbluetooth-low-energy-ble%3ABLUETOOTH-LOW-ENERGY-BLE&data=02%7C01%7Cfugang.duan%40nxp.com%7C7e9ffc5ca0a74d3c79a808d5f7572b4d%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C636686876125441293&sdata=iqe9ggsKa%2FQzioW3Wy6KYro%2FQw8zMAVR%2F6MmjgDsAGU%3D&reserved=0>
  *   All i.MX BSP Android and Linux BSP releases that support Bluetooth chipsets will probably impacted and require patching

  *   NXP has currently not been listed as an impacted vendor in the CERT CC website<https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.kb.cert.org%2Fvuls%2Fid%2F304725&data=02%7C01%7Cfugang.duan%40nxp.com%7C7e9ffc5ca0a74d3c79a808d5f7572b4d%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C636686876125451302&sdata=4JCI27G1t3tf8qd5W01s5d8Oxh4UOD8DXFASfslRiaI%3D&reserved=0>
 Mitigation

  *   Both software and firmware updates will be required

  *   Looks like Android included this in their June Release for Broadcom, Qualcomm a BT chipsets.
     *   https://source.android.com/security/bulletin/2018-06-01<https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsource.android.com%2Fsecurity%2Fbulletin%2F2018-06-01&data=02%7C01%7Cfugang.duan%40nxp.com%7C7e9ffc5ca0a74d3c79a808d5f7572b4d%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C636686876125461314&sdata=ga8hK0rQvzVmttAWh1EgJay04BrivKezVqLvZgjwfR8%3D&reserved=0>
  *   Linux BT driver updates will also be required
     *   Apparently Linux versions prior to 3.19 don't support Bluetooth LE Secure Connections and are therefore not vulnerable

Regards,
Andy Duan

[-- Attachment #2: Type: text/html, Size: 19418 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread