2025-06-13 –, Backup
Auracast, the new Bluetooth LE Broadcast Audio feature, has gained some publicity in the last few months. The Bluetooth SIG has been working on the specification of this feature set over the past few years, and vendors are only now starting to implement it. Auracast enables broadcasting audio to multiple devices. These broadcasts can also be encrypted. Unfortunately, the security properties of the protocol are vague and insufficient. It has already been shown that these broadcasts can be hijacked by anyone when unencrypted.
This talk aims to explain the state of (in)security of the protocol and add to it by showing that even when encrypted, broadcasts can often be cracked easily. Once equipped with the passcode, attackers can eavesdrop on and hijack even encrypted broadcasts. The Bluetooth specification is very vague about which security goals it tries to achieve for (encrypted) broadcasts. Security for Auracast is only ever mentioned in terms of confidentiality, which is supposedly achievable by encrypting a broadcast. On a higher level, this also shows how the specification seemingly added security to the protocol as an afterthought.
To examine whether the vague specification and the bad examples lead to real-world issues, we have surveyed several implementations of Auracast. We found that on popular devices the default configuration is weak and allows breaking the authenticity and confidentiality of the Auracast broadcast.
Dennis Heinze works as a Security Analyst & Researcher at ERNW Enno Rey Netzwerke GmbH. He earned his Master’s degree in IT-Security at TU Darmstadt with a focus on network and system security. In the past, he published research on the Bluetooth technology in the Apple ecosystem with a special focus on the analysis and security of Bluetooth protocol implementations. At ERNW, his work focuses on pentesting mobile and embedded devices as well as their communication and back-end systems.