BLUFFS Attacks (CVE-2023-24023): A Wake-Up Call for Bluetooth Security Enhancements

In the realm of wireless connectivity, Bluetooth stands as a ubiquitous technology, seamlessly connecting billions of devices worldwide. From smartphones and laptops to headsets and speakers, its pervasive presence underscores the critical need for robust security measures. However, recent discoveries have unveiled alarming vulnerabilities, collectively known as the BLUFFS attacks (CVE-2023-24023), that threaten to compromise the very foundation of Bluetooth security.


Unveiling the BLUFFS Attacks

Researcher Daniele Antonioli at EURECOM has uncovered a critical security vulnerability in Bluetooth, dubbed BLUFFS, that renders devices susceptible to Man-in-the-Middle (MITM) attacks. This vulnerability affects Bluetooth devices that support Secure Connections pairing and Secure Simple Pairing in Bluetooth® Core Specifications 4.2 through 5.4.

The Nature of the Threat

The BLUFFS attacks exploit a flaw that allows an MITM attacker to intercept communication between two paired or bonded Bluetooth devices. The attacker can manipulate the devices into establishing a subsequent encryption procedure using legacy encryption, forcing them to enter the Peripheral role. This maneuver enables the attacker to dictate the minimum encryption key length and control the nonce values used to generate the encryption key.

Antonioli published the toolkit for exploiting the CVE-2023-24023 vulnerability.

Consequences of the Vulnerability

The successful execution of a BLUFFS attack can lead to severe consequences:

  • Reduced Encryption Key Strength: The attacker can force the use of a weaker encryption key, making it easier to crack and decrypt the communication between devices.

  • Key Reuse: The attacker can force the use of the same encryption key for all subsequent sessions between the affected devices, enabling them to decrypt all past and future communication.

  • Live Injection Attacks: If the attacker can force a sufficiently weak encryption key, they can decrypt and inject malicious data into the communication stream in real time.

Mitigating the Threat

To safeguard against BLUFFS attacks, device manufacturers and software developers should implement the following measures:

  • Reject Service-Level Connections: Implementations should reject service-level connections on encrypted links with key strengths below the recommended minimum of 7 octets.

  • Utilize Security Mode 4 Level 4: For implementations capable of operating in Security Mode 4 Level 4, reject service-level connections on encrypted links with key strengths below 16 octets.

  • Enforce Secure Connections Only Mode: Enabling Secure Connections Only Mode on both devices ensures adequate key strength.