Daniele Antonioli
Nils Ole Tippenhauer
Description: Details on the KNOB attack
TL;DR: The specification of Bluetooth includes an encryption key negotiation protocol that allows to negotiate encryption keys with 1 Byte of entropy without protecting the integrity of the negotiation process. A remote attacker can manipulate the entropy negotiation to let any standard compliant Bluetooth device negotiate encryption keys with 1 byte of entropy and then brute force the low entropy keys in real time.
Bluetooth is a wireless communication protocol commonly used between low power devices to transfer data, e.g., between a wireless headset and a phone, or between two laptops. Bluetooth communications might contain private and/or sensitive data, and the Bluetooth standard provides security features to protect against someone who wants to eavesdrop and/or manipulate your information. We found and exploited a severe vulnerability in the Bluetooth specification that allows an attacker to break the security mech
Video recording of the KNOB attack presentation at USENIX Security 2019 by Daniele Antonioli:
Daniele Antonioli
Nils Ole Tippenhauer