Over the years, the security mechanism used in BR/EDR (Classic) have evolved from Legacy Pairing over Secure Simple Pairing to the current Secure
For Bluetooth Low Energy (BLE) connections, most application make use of the Generic Attribute Profile (GATT) profile. Access to data on the GATT
The Cross-transport Key Derivation (CTKD) between Bluetooth LE and Classic (BR/EDR) transports introduces various security issues depending on
LE Secure Connections uses the Passkey entry method to prevent MITM attacks. However, the new ‘Method Confusion Attack’ shows that a
A new Bluetooth security paper Bluetooth Impersonation AttackS (BIAS) shows how flaws in the Bluetooth spec can be used to perform a variant of
The new KNOB attack exploits a flaw in the key negotiation protocol for classic connections and lets an attacker reduce the effective key length
Re-evaluating LE Legacy Pairing, we realized that customers could miss to set two security keys (ER + IR) to persistent random values, which