For Bluetooth Low Energy (BLE) connections, most application make use of the Generic Attribute Profile (GATT) profile. Access to data on the GATT
The Cross-transport Key Derivation (CTKD) between Bluetooth LE and Classic (BR/EDR) transports introduces various security issues depending on
LE Secure Connections uses the Passkey entry method to prevent MITM attacks. However, the new ‘Method Confusion Attack’ shows that a
A new Bluetooth security paper Bluetooth Impersonation AttackS (BIAS) shows how flaws in the Bluetooth spec can be used to perform a variant of
The new KNOB attack exploits a flaw in the key negotiation protocol for classic connections and lets an attacker reduce the effective key length
Re-evaluating LE Legacy Pairing, we realized that customers could miss to set two security keys (ER + IR) to persistent random values, which