analyzing Gogoro Smart Scooter Is Smart Phone a secur

analyzing Gogoro Smart Scooter Is Smart Phone a secur
BLE authentication design challenges
on smartphone controlled IoT devices:
analyzing Gogoro Smart Scooter
Is Smart Phone a secure key for vehicle?
GD、CSC
Privacy and Risk Management Lab
IM, NTUST, Taiwan
Speakers
GD
CSC
• Graduate Student at NTUST IM
• Associate Professor at NTUST IM
• CHROOT/HITCON Coordinator
• Ph.D., Dept of IM, NTU
• Team T5 CTO
• Gomaji (TW.8472) Board member
• Digital Forensics & Incident Response
• Threat Intelligence Program & Plat.
• Research on Foods, plays CTFs
• Occasionally got vulnerabilities
• Synology Bounty Program (2015)
• CISSP, CCFP, CSSLP, CISM, PMP
• Published many practical security
papers on journals. Helped many
private and public sectors to
establish info security policy.
HITCON
• CTF Team
• DEF CON 2nd Place
• CTF Event
• DEF CON Qualifier
• Community Conf
• Enterprise Conf
• Girls Conf
Table of content
1.
Introduction to Bt Low Energy, Security Manager Protocol,
Smartphone authentications to controls IoT devices via BLE.
2.
BLE 4.0 has many privacy features, restricting vendor powers,
Hardware identifiers are either limited or randomized.
3.
Challenges when designing auth methods, many vendors
giving up SMP pairing, using just plaintext transmissions.
4.
How to analyze BLE protocols, we exaimed many health and
IoT devices, including Gogoro Smart Scooter vehicle.
5.
Without SMP pairing, these vendor-designed authentications
are sometimes flawed, so we are able to ignite other Gogoro.
6.
We propose a better auth protocol: Dual-counter enhanced.
Bluetooth 4.0
High Speed
Classic
Low Energy
WiFi mixed BT
Most common BT
Originally "Wibree"
Persistent connections
Persistent connections
Non-persistent
High power consump.
Mid power consump.
Low power consump.
High bandwidth
Mid bandwidth
Low bandwidth
Short range
Mid range
Long range
(never tried)
Headphones,
Keyboards, Mouse
Health wrists, Temp.
sensors, IoT devices
Bluetooth 4.0 Low Energy
BLE is session-less, 7 methods, similar to HTTP
Method
Request
Response
Commands
Notifications
Indications
Confirmations
方向
Central -> Peripheral
Peripheral -> Central
Central -> Peripheral
Peripheral -> Central
Peripheral -> Central
Central -> Peripheral
功能
一般發送訊息
回覆 Request 用
不用 Response
不用 Confirm
需要 Confirm
回覆 Indication 用
Usually Server has smaller battery and operates only when requested. Fig. Ref: Stanfy Inc, 2015
BLE widely adopted in Health & IoT
Curiosity to understand how it works.
BLE built-in profiles
• Time, Temp, Energy
• Weight, User profile
• Blood pressure, glucose
• Body mass, heart rate
• Speed, direction, location
BLE playgrounds
• Nordic nRF App
• Node.js bleno
BLE is easy to hijack
• Sending vibrate message to nearby MI wristbands
Ref: “Le IoT 想想物聯網 blog”
All BLE sniffer got is in plaintext ?!
Security Manager Protocol
Pairing
Bonding
Re-establishment
Short Term Key
Permanent Key
Permanent Key
BLE 4.0 SMP pairing
Just Works is Un-authed
Pairing Mtd.
MitM attacks
Usability
Just Works
Vulnerable
Convenient, Un-authed
Passkey Entry
If you brute-PIN
Needs screen & Keyboard
Out-Of-Band
Secure via NFC
Needs NFC transceivers
Why vendors did not use SMP pairing:
1. Pairing takes time and effort
2. Paired does not always means secure
3. No screen for numeric comparison
BLE 4.2 screen numb. comp.
BLE 4.0 privacy features
• HW Identifier Read Limitations
• Prevents App/Ads tracking user
• MAC Address always 02000000000000
• HW Identifier Randomization
• Prevents AP tracking/nearby scanning
• MAC Address different per power-cycle
• SMP paired device gets fixed MAC via IRK
• How to authenticate device without HW identifier?
Gogoro Smart Scooter
Public Rental in Berlin
Our current research is based on Taiwan Gogoro.
Berlin Gogoro might work different from Taiwan’s.
Analyzing method
analyze protocol w/
Ubertooth One
Analyze Network
API interfaces
Threat Modeling
Reversing
iOS & Android App
Analyze storage
Security_Key
Notify vendor
Figure out unlock
procedure
Write simulation
unlock program
Responsible
disclosure
Key Fob Unlock (BLE)
Origin
Handle
Key Fob
Value
Function
CONNECT_REQ
Init connection
Scooter
0x37
01 00
Command ID
Scooter
0x25
c2 e7 20 bf d2 99 9d 43 68 c6 2d 65 39 3d 72 c9 f3
Rand. Challenge
Key Fob
0x36
d2 25 57 33 19 18 51 fd ae 7d 1b ed 85 e0 10 78 e2
Signed. Response
LL_TERMINATE_IND
Ends connection
Scooter
(this is much better than widely adopted Keeloq protocol)
Mobile App (Gateway)
• My Gogoro single-sign-on
• App gets scooter information
Mobile App Pairing & Unlock
Only GATT protocol, no BLE SMP pairing observed.
Vendor's challenge
• How to design authentication protocol when
we did not BLE pairing and have no HW identifier?
BLE Gogoro Service
BLE Service UDID last 6-bytes
must be Scooter MAC Address
Gogoro App Protocol
90 A2 08 00 00 00 02 C4 (hex)
90: Header, A2: Command, 08: Length,
02: Parameter, C4: Checksum
Origin
App
App
App
App
Scooter
Scooter
Scooter
Scooter
Scooter
Scooter
Scooter
Scooter
Scooter
App
Scooter
Scooter
App
A-prefix: querying information
Cmd
A0
A1
A2
A3
A4
A5
A6
A7
A8
A9
AE
AF
B0
B1
B2
B3
B4
Function
GetScooterSettingWithType
GetScooterErrors
GetScooterInfo
SetScooterSetting
ScooterGetSettingStatus
ScooterErrorStatus
ScooterInfoState
ScooterSetSettingStatus
NotifyScooterError
NotifyInfo
PurchasedStatus
ScooterInfoState
ECU Challenge nonce
ECU Response digest
ECU unknown
ECU Error
ECU Cmd (Lock, Unlock, Open Trunk)
B-prefix: ECU Challenge Response
Gogoro Unlock flow
1.
Scooter scans nearby peripheral for GATT Gogoro Service
And if UUID {351AAF0F-}last 6-bytes matches its MAC Address
2.
Mobile App reads GATT Scooter status, enable unlock button.
Click to send ECU_Cmd(0xB4): 00 Lock, 01 Unlock, 02 Op Truck
3.
Scooter writes ECU_Challenge (0xB0), a random 256 bit nonce
4.
Mobile App notify ECU_Response (0xB1), also 256 bits
ECU_Response =SHA256(ECU_Challenge, Security_Key)
5.
Scooter compares ECU_Response if correct
then ECU_Cmd will be executed, Unlocked.
the Security_Key
• ECU_Response =SHA256(ECU_Challenge, Security_Key)
• Early App put Security_Key in Document folder (slightly encrypted)
• iOS MobileAppProp.plist has ScooterSKey
• Android Settings.xml has AppSettings_DefScooter/encryptedkey2
• Decrypting: AES-256, CBC/PKCS7Padding, IV=UserId, Key = ScooterUUID
• Document folder can be backed-up via iTunes / Android adb
• Various methods: cable Juicy Attack, iTunes backup folder extraction etc.
• AndroidManifest.xml has allowBackup flag set to true
• Security_Key can be retrieved from WebAPI
• Attacker can brute My Gogoro membership
• App Cookie can be stolden (MobileAppProp.plist has Web_Token)
• https://mobile-pro.gogoroapp.com/WebService/Web/GetKey
Insecure App Data Storage
• Token, Certificate should be stored encrypted
• Manages Timeout, Password Tamper etc.
• Limits user, process access and key export
• Most OS platforms has secure storage zone
• Apple iOS/macOS Keychain
• iPhone 6~ Secure Enclave
• Android Keystore
• Samsung S6~ KNOX
• Windows Protected Storage
• HSM Such as UbiKey
Unlock code generator
• We wrote our Android App to generate
ECU_Response and unlocked scooters
successfully if Security_Key is known.
• Demo
Via this experiment we proved:
1. Security_Key is necessary to unlock scooter.
2. Security_Key can be cloned or transferred.
3. Gogoro Scooter cannot identify Mobile App hardware.
Gogoro Analysis Summary
• HW identifier privacy makes authentication difficult
• IoT device trusts Security_Key rather than your Mobile Phone
• Protect your Security_Key hard !!!
• Insecure App Data Storage vulnerable
• Security_Key should not be stored in Document folder
• Should be stored at Keychain / KeyStore
• Other possible weakness
• WebAPI should do SSL Cert Pining to prevent MitM
• Relay-Attack for Challenge-Response might be possible
• Dumping Security_Key from Key Fob MCU or Scooter ECU ?
Gogoro system is generally safe…
• Although BLE SMP pairing is not adapted,
Challenge/Response is better than Keeloq OTP
• Obtaining Security_Key from mobile phone is
possible only when malware infected/jailbroken.
• Obtaining Security_Key from PC backup folder
still needs to infect PC and decrypt slightly AES.
• Obtaining Security_Key from WebAPI might be the
easiest way if username / password can be retrieved,
brute-force or from other leaked database.
How to steal a Gogoro Scooter
• Infect the owner’s phone or backup PC
• Obtain and decrypt Security_Key from plist
• Owner open App to check fuel in Public Wifi
• Do SSL MitM to get his cookie
• Ask WebAPI for Security_Key
• Simulate the BLE Gogoro Service
• With target scooter’s MAC UUID
• Approach target scooter and do ECU Challenge
Response
• Rode away as soon as possible.
• But you still cannot exchange battery :-(
• Gogoro Battery has NFC authentication.
SSL MitM to retrieve Security_Key
Responsible disclosure
• 2016/02 App supports BLE unlock
•
•
•
•
2016/04 We notified Gogoro Vendor
2016/04 Fixed Security Key store
2016/07 Fixed SSL Cert verification
2016/07 Issued force logout update
• 2016/12 Full Recall / Replace ECU
• Better Bluetooth Pairing Function
We will keep investing on
security area and have more
frequently release for security
improvement in the future.
Designing good IoT-phone authentication
• Device does not know each other
• IoT device does not know phone
• IoT device knows secret key
• IoT server provision secret key to phone
• Preventing Security_Key cloning
•
•
•
•
•
BLE 4.2 SMP Secure Connections
Phone has hardware identifier
store it in Secure Element
use OOB OTP such as SMS
add dual-counter to detect
Auth Methods Comparisons
Method
Advantage
Disadvantage
Server Provision Secret Key
Phone device independent
Easy to steal, hard to detect
BLE 4.2 Secure Connections
Prevents MITM and clone.
Need a numeric display
Hardware Identifier
ID device. Prevents clone.
Privacy concern
Store in Secure Element
Encrypted, difficult to clone Not every phone has SE
OOB OTP such as SMS
Trusting phone number.
Dual-counter detection
Can easily detect abuse.
OOB Channel cost (SMS)
Cannot prevent abuse.
Dual-counter enhanced
Can revoke HMAC(Key) when phone lost
HMAC of
Can detect when HMAC(Key) is abused
Device  Server
KD Permeant Shared Key
TD Counter D
IDS Identification
KSD HMAC(KD, IDS) (temp)
HTD HMAC(KD, TD ) (temp)
Device  Smart Phone
Cha. RAND()
Res. HMAC(KSD, HTD, TD)
TS
Counter S
R
Command Request
HTS,R HMAC(KSD, TS, R)
Device  Server Counter D
Device  S. Phone Counter S
When HMAC(Key) is used,
Counter will change.
If counter de-synced,
User can detect abuse.
Conclusion
1.
introduction to Bt Low Energy, Security Manager Protocol,
Smartphone authentications to controls IoT devices via BLE.
2.
BLE 4.0 has many privacy features, restricting vendor powers,
Hardware identifiers are either limited or randomized.
3.
Challenges when designing auth methods, many vendors
giving up SMP pairing, using just plaintext transmissions.
4.
How to analyze BLE protocols, we examined many health and
IoT devices, including Gogoro Smart Scooter vehicle.
5.
Without SMP pairing, these vendor-designed authentications
are sometimes flawed, so we are able to ignite other Gogoro.
6.
We propose a better auth protocol: Dual-counter enhanced.
Future research
• Hardware hacking
• Dump Security_Key from Key Fob MCU (TI CC2540)
• Dump Security_Key from Scooter ECU (Atmel)
• Cryptography analysis
• Challenge nonce randomization strength?
• Challenge response acceptance timeframe?
• Relay-Attack on challenge responses
• Attacker A approach Owner
• Attacker B approach Scooter
• A & B Relay challenge response over internet
Special thanks to
• Professor CSC’s guidance and research
• Gogoro designed a BLE Smart Scooter
• Hiraku help dumping iOS app
• Support from lab and company colleagues
Q&A
• IoT is Security or Nothing
• Any questions?
• GD@TeamT5.org
References
•
Bluetooth SIG, Bluetooth Smart (Low Energy) Security. Bluetooth SIG, 2016
https://developer.bluetooth.org/TechnologyOverview/Pages/LE-Security.aspx
•
Bluetooth SIG, Bluetooth Specification Version 4.0, Bluetooth SIG, 2010
•
Andrew Garkavyi, Bluetooth Low Energy. Essentials for Creating Software with Device to Smartphone Connectivity, Stanfy Inc, 2015
https://medium.com/@stanfy/bluetooth-low-energy-essentials-for-creating-software-with-device-to-smartphone-connectivity5164c71963e7
•
Mike Ryan, Bluetooth: With Low Energy comes Low Security, iSEC Partners, USENIX WOOT, 2013.
•
Mike Ryan, Hacking Bluetooth Low Energy: I Am Jack's Heart Monitor, ToorCon 14, 2012.
•
Lindell, A. Y. Attacks on the pairing protocol of bluetooth v2.1, BlackHat US, 2008.
•
Samy Kamkar, Drive It Like You Hacked It, Defcon 23, 2015
http://samy.pl/defcon2015/2015-defcon.pdf
•
Gogoro, Gogoro Smart Scooter 規格書, 睿能創意股份有限公司, 2015.
http://images.gogoroapp.com/download/PDF/tw/Gogoro-Smartscooter-Spec-Sheet-2015-06-17-02-Chinese.pdf
•
Google, Android Physical Identifier Privacy, Google, 2016.
•
https://developer.android.com/about/versions/marshmallow/android-6.0-changes.html#behavior-hardware-id
•
Apple, iOS Physical Identifier Privacy, Apple, 2016.
https://developer.apple.com/library/ios/documentation/UIKit/Reference/UIDevice_Class
•
N. Gupta, Inside Bluetooth Low Energy. Artech House, 2013.
•
Le IoT 想想物聯網 Blog, 2016
https://thinkingiot.blogspot.tw/
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising