Mitigation for the Method Confusion Attack on Bluetooth

Supervisor(s): Ludwig Peuckert
Status: finished
Topic: Others
Author: Fabian Wührer
Submission: 2021-07-15
Type of Thesis: Bachelorthesis

Description

The Method Confusion Attack on Bluetooth enables an attacker to establish a Man-in-the-Middle position even in the highest security mode of Bluetooth. Since its discovery in 2020, it has been a major issue for Bluetooth security. It attacks the pairing process by taking the Numeric Comparison value from a pairing with one device and using it as the passkey for a Passkey Entry pairing with the other device. This breaks the confidentiality of the passkey.
Bluetooth has existed since 1999 and is one of the most widely used wireless technology standards. It has many use cases, including many security-relevant ones. To date, no viable solution has been presented to address the vulnerability.
However, this work presents a new way to mitigate the attack while maintaining backwards compatibility. The mitigation works by sharing the Numeric Comparison values a device has used with surrounding devices, which allows them to detect a potential attack by comparing those values to the passkeys they have used.
Furthermore, the obvious problem that the sharing transmission could be blocked is circumvented by introducing jamming protection. This protection is based on Tamper Evident Announcements, which provide tamper and jamming detection. Additionally, a security model was designed and a working implementation was used to evaluate the functionality.