KNOB: Key Negotiation of Bluetooth Attack

The new KNOB attack exploits a flaw in the key negotiation protocol for Bluetooth Classic connections and lets an attacker reduce the effective encryption key length to a single byte, which can then easily be broken by brute force.

While a Bluetooth Controller could be updated by its vendor to require a key length of at least 56 bit, the remedy recommended by Bluetooth SIG Erratum 11838 is for the Bluetooth stack to validate the effective encryption key size.

We have implemented such a check in BTstack and chose 128 bit (16 byte) as the default required encryption key size for GAP Security Levels 1-3 (note that GAP Security Level 4 mandates a 128 bit encryption key size). If needed, the minimum encryption key size can be reduced down to 56 bit by calling gap_set_required_encryption_key_size.
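To illustrate the kind of check Erratum 11838 asks the stack to perform, here is an added example (not BTstack's own code): it parses the HCI Command Complete event that answers HCI_Read_Encryption_Key_Size, compares the reported size against the required minimum, and applies the 56 bit floor and the Security Level 4 mandate described above. Function names and the sample events are this example's own.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>

/* Added example, not BTstack code: validate the effective encryption key size that
 * the Controller reports in the Command Complete event for HCI_Read_Encryption_Key_Size,
 * as Erratum 11838 recommends. All names below are this example's own. */

#define HCI_EVENT_COMMAND_COMPLETE          0x0E
#define HCI_OPCODE_READ_ENCRYPTION_KEY_SIZE 0x1408 /* OGF 0x05, OCF 0x0008 */
#define KEY_SIZE_MIN_ALLOWED 7   /* 56 bit, the lowest value the text permits */
#define KEY_SIZE_DEFAULT     16  /* 128 bit, default for GAP Security Levels 1-3 */

static uint8_t required_key_size = KEY_SIZE_DEFAULT;

/* Same idea as gap_set_required_encryption_key_size: only 7..16 bytes are accepted. */
bool set_required_encryption_key_size(uint8_t size) {
    if (size < KEY_SIZE_MIN_ALLOWED || size > KEY_SIZE_DEFAULT) return false;
    required_key_size = size;
    return true;
}

/* Event layout: code, param_len, num_cmd_pkts, opcode (LE16), status, handle (LE16), key_size.
 * Returns the reported key size, or 0 if the packet is not a successful reply to that command. */
uint8_t key_size_from_event(const uint8_t *pkt, size_t len) {
    if (len < 9 || pkt[0] != HCI_EVENT_COMMAND_COMPLETE || pkt[1] < 7) return 0;
    uint16_t opcode = (uint16_t)(pkt[3] | (pkt[4] << 8));
    if (opcode != HCI_OPCODE_READ_ENCRYPTION_KEY_SIZE) return 0;
    if (pkt[5] != 0x00) return 0;   /* command failed: size unknown, the link must not be trusted */
    return pkt[8];
}

/* The link may stay up only if the key is long enough; Security Level 4 always needs 16 bytes. */
bool link_key_size_acceptable(uint8_t key_size, int gap_security_level) {
    uint8_t needed = (gap_security_level == 4) ? KEY_SIZE_DEFAULT : required_key_size;
    return key_size != 0 && key_size >= needed;
}

/* Full check on a received event: true = keep the link, false = disconnect. */
bool accept_link_from_event(const uint8_t *pkt, size_t len, int gap_security_level) {
    return link_key_size_acceptable(key_size_from_event(pkt, len), gap_security_level);
}

/* Constructed sample events for handle 0x0040: a KNOB-reduced 1-byte key and a full 16-byte key. */
const uint8_t sample_event_key_1[9]  = {0x0E, 0x07, 0x01, 0x08, 0x14, 0x00, 0x40, 0x00, 0x01};
const uint8_t sample_event_key_16[9] = {0x0E, 0x07, 0x01, 0x08, 0x14, 0x00, 0x40, 0x00, 0x10};
```

With the default of 16 bytes, the 1-byte event is rejected and the 16-byte event is accepted; lowering the requirement to 7 bytes never relaxes the check for Security Level 4.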
