Here's their plan to fix this:
"To remedy the vulnerability, the Bluetooth SIG has updated the Bluetooth Core Specification to recommend a minimum encryption key length of 7 octets for BR/EDR connections"
7 octets, aka... 56 bit.
So it looks like this vulnerability is here to stay. They just raise the bar from "trivially breakable" to "you need a bit of cloudcomputing effort to break a connection".
So it looks like this vulnerability is here to stay. They just raise the bar from "trivially breakable" to "you need a bit of cloudcomputing effort to break a connection".
You don't even need that, you can crack 56 bits on a home machine.
Keep in mind, DES was 56 bits, and it was brute forced in 56 hours in 1997.
Bluetooth physically requires some time to pass between communication. 2^56 seconds is 2 billion years. I doubt you can try more than 100 times a second.
7 octets is the minimum set by the SIG, not a mandatory length to support for all devices. For devices that transfer sensitive information (phones, keyboards, etc.), a larger key length can be enforced. This would be enforced by the application written by the product designer, not the BT chipset vendor nor the BT SIG.
My guess is they're trying to support legacy hardware that might not have the crunching power to do 128/256 with the tight timing constraints on channel hopping?
DES also used 56 bit keys. It was crackable by the NSA the moment it was introduced in 1975. And by the 2000s, anyone could crack it.
Even back then, the choice of 56 bits had nothing to do with speed. Chips were more than capable of handling 128 bit keys even in 1975. It's 2019 and we're still proposing 56 bit key lengths? Wow.
No, they are not proposing 56 bit key lengths. I understand the key is always 128 bits. They are saying that the entropy should be minimum of 56 bits. In fact the entropy is always 128 bits but this negotiation reduces it because 'some' governments didn't want other governments to have stronger encryption. See [1] page 1050, figure 2.
I don't know how much difference that makes (I am not an encryption expert), but it is a fact that affects your comparison to DES.
No, the article is about KNOB, which allows the attacker to arbitrarily shorten key length. The proposed solution is to have a minimum 56 bit key length, which is still too short.
Here's their plan to fix this: "To remedy the vulnerability, the Bluetooth SIG has updated the Bluetooth Core Specification to recommend a minimum encryption key length of 7 octets for BR/EDR connections"
7 octets, aka... 56 bit.
So it looks like this vulnerability is here to stay. They just raise the bar from "trivially breakable" to "you need a bit of cloudcomputing effort to break a connection".