OggS q>* tOpusHead8 OggS q>* -rOpusTags Lavf58.45.100 language=eng handler_name=SoundHandler encoder=Lavc58.91.100 libopus major_brand=isom minor_version=512" compatible_brands=isomiso2avc1mp41 author=Daniele Antonioli genre=lectureG title=BLUFFS: Bluetooth Forward and Future Secrecy Attacks and DefensesQ copyright=Licensed to the public under http://creativecommons.org/licenses/by/4.0 album=37C3 artist=Daniele Antonioli< description=Ciao! We present the BLUFFS attacks (CVE-2023-24023), six novel attacks breaking Bluetooth's forward and future secrecy. Our attacks enable device impersonation and machine-in-the-middle across sessions by compromising and re-using one session key. We discuss the four vulnerabilities in the Bluetooth specification enabling the attacks, two of which are new and related to unilateral and repeatable session key derivation. We describe the toolkit we developed and open-sourced to test our attacks via firmware binary patching, our experiments where we exploited 18 heterogeneous Bluetooth devices, and the practical and backward-compliant session key derivation protocol we built to fix the attacks by design. We also cover related work like KNOB, BIAS, and BLUR, and educational Bluetooth security tips and tricks.OggS q>* Tay;.,.#%! :qw%!O ^i@A9*SyrtGcn7dNCw0mi~D-sxj52p@n]?W2Yw{'XmkM^iN>u&N`5)CRB4< v3b[nVTVJ80yFwSKZ d#%8ud`\d#ƈ(d G 7 E ȫ2' sP *%&<#k]+0P3YK=;@:D@,`F과w[0ѣh(8ș!rGU9>BI4s 7(qW3wKFs.SkK9e&CB3+FmzM C`oab5#+8[м.\p1#P=^.%L閘d9g5jee˔3- $}Ǟ(Twc(>'*=Fv ͌ıɗGz/jۥا%}R F.?m3kΝszϜr''vvhl){AT }' ɿ]7:zlIq'Z#eD{$6 TbeFq;{B{o0 /0Þ%CE It >-2A4:U qzF6k{M2r)Pz.ܥaT4N5}heǩ8w;UQ<0go,PIYDYs$-0*5Ms&YiUN\{ יH3 Ěa