BIAS: Bluetooth Impersonation AttackS

Bluetooth (BR/EDR) is a pervasive technology for wireless communication used by billions of devices. The Bluetooth standard includes a legacy authentication procedure and a secure authentication procedure, allowing devices to authenticate to each other using a long term key. Those procedures are used during pairing and secure connection establishment to prevent impersonation attacks. In this paper, we show that the Bluetooth specification contains vulnerabilities enabling to perform impersonation attacks during secure connection establishment. Such vulnerabilities include the lack of mandatory mutual authentication, overly permissive role switching, and an authentication procedure downgrade. We describe each vulnerability in detail, and we exploit them to design, implement, and evaluate master and slave impersonation attacks on both the legacy authentication procedure and the secure authentication procedure. We refer to our attacks as Bluetooth Impersonation AttackS (BIAS).

BIAS: Bluetooth Impersonation AttackS

Graph Chatbot

On the Theory and Practice of Modern Secure Messaging

Integrated Wireless Power, Data Communication, and Thermal Sensing System for Autonomous Multisite Brain Implants

A review of the security vulnerabilities and countermeasures in the Internet of Things solutions: A bright future for the Blockchain

On the Theory and Practice of Modern Secure Messaging

Integrated Wireless Power, Data Communication, and Thermal Sensing System for Autonomous Multisite Brain Implants

A review of the security vulnerabilities and countermeasures in the Internet of Things solutions: A bright future for the Blockchain