Bluetooth Auracast is a marketing term for a subset of the new "LE Audio" features introduced in the Bluetooth 5.2 specification.
LE Audio is designed to provide better sound quality, longer battery life and new capabilities for audio devices like headphones, earbuds and especially hearing aids. Essentially, Auracast is an audio broadcast feature set for Bluetooth Low Energy. Our talk will focus on the new features introduced in the core spec, namely Broadcast Isochronous streams (BIS).

The protocol specification for Auracast was released several years ago, and vendors are only now beginning to implement application-level support for it. Previous research from 2023 (the "BISON" paper) has already shown that unencrypted Auracast broadcasts can be hijacked.

The Bluetooth specification is very vague in what security goals it tries to achieve for (encrypted) broadcasts. The core building block for LE Audio broadcasts are Broadcast Isochronous Streams (BIS). Security for BIS is only ever mentioned in terms of confidentiality, which is supposedly achievable by encrypting a BIS. In this talk we'll shed some light on the security properties of Auracast and show that authenticity and confidentiality can be violated, even when broadcasts are encrypted.

To examine whether the vague specification and the bad examples lead to real-world issues, we have surveyed several implementations of Auracast. We found that on popular devices the default configuration is weak and allows breaking the authenticity and confidentiality of the Auracast broadcast.

Alongside the talk, we will release a toolkit that allows to dump, decrypt and hijack encrypted Auracast broadcasts.