Encryption takes a hit as new flaws surface in Bluetooth and AES
June 13, 2005
Serious flaws have emerged in the basic Bluetooth specification and the Advanced Encryption Standard (AES). John McCormick's got the details on both of these vulnerabilities as well as a look at the rest of the latest security threats out there.
It's been a bad week for encryption all around—even when encryption technology wasn't in effect.
All of Gaul may be divided into three parts, at least according to Julius Caesar, but all of Bluetooth is apparently divided at the core, according to Israeli security specialists who have reportedly found a serious core vulnerability in the basic Bluetooth specification. NewScientist.com reports that researchers have discovered a cryptographic flaw—the worst kind of flaw—in the Bluetooth standard that renders all Bluetooth implementations vulnerable to a fairly simple attack, making those implementations completely insecure.
Bluetooth is a short-range (about a 300-foot maximum) radio standard used by networks to feed data to printers, portable phones, laptops, and other electronic devices. The newly discovered decryption technique makes all Bluetooth communications insecure—even when the user has enabled all of the security features to the maximum levels.
This is not the same vulnerability that exists when Bluetooth devices initially negotiate their connection, which is a well-known threat that's rather difficult to exploit. Instead, the new threat lets attackers penetrate a Bluetooth network at any time and take over the connection, perhaps establishing a connection allowing unlimited long distance calls. Basically, the researchers have found a way to force Bluetooth devices into the initial "pairing" mode and thus decrypt the 128-bit key in well under a second, even using older PCs.
In addition, a professor from the University of Illinois at Chicago says he's found a timing attack approach that lets him recover Advanced Encryption Standard (AES) keys from a remote server using OpenSSL AES. To make matters worse, this is a basic design flaw in AES, not limited to any particular implementation.
Finding security flaws in computer software is nothing new for Associate Professor Daniel Bernstein, whose computer science students have found at least 44 other serious flaws in various applications, tools, and protocols, most of which are open source.
The Bluetooth flaw affects any and all Bluetooth networks, and the AES vulnerability affects any and all AES encryption.
Risk level - Serious
Because these new vulnerabilities affect the overall technology rather than a specific implementation, the risk level is serious for both flaws.
It's too soon to tell whether these problems will turn out to be a tempest in a teapot or seriously exploited vulnerabilities. However, they do point out the truth of my repeated warnings that you shouldn't rely too heavily on encryption or any other security technologies—you never know when a new discovery will compromise what was otherwise a relatively secure platform.
Of course, the biggest problems occur when black hats find a way to crack encryption that a company has used to protect data in long-term storage. They can then go back and dig out the data the organization thought it had securely protected.
How do you fix these new problems in Bluetooth or AES? Just don't use the technology.
Also watch for …
Is merely possessing encryption software evidence of criminal intent? Apparently so: An appeals court has ruled that the judge in a criminal case was correct in permitting the prosecution to argue that the mere presence of PGP software on a computer implied criminal intent. Now, that's really scary! From what I understand, the guy on trial was in a really deep hole to begin with, and there was little he could offer in his own defense, and his lawyers created a side issue in his case. But that doesn't detract from the fact that a court has ruled the mere presence of PGP can be evidence of a guilty mind.
After all of the recent stories about various schools' carelessness with personal data, it's comforting to know that banks are more interested in protecting their customers' privacy—yeah, right! Citigroup, the world's largest bank, is blaming United Parcel Service for the loss of 3.9 million personal banking records stored on computer tapes. Even better, it took 18 days before anybody realized the tapes were missing.
While Citigroup appears to be placing all of the blame on UPS, the actual tapes were unencrypted, a fact that will be hard to pin on the shipping company. Can you say dumbest move ever by a big financial institution? (And this just months after Bank of America lost its own tapes, resulting in more than a million missing records.) It must have cost Citigroup far more to mail out notices to all those customers than it would have to encrypt everything a dozen times over.