Cryptology ePrint Archive: Report 2013/309

Bypassing Passkey Authentication in Bluetooth Low Energy

Tomas Rosa

Abstract: This memo describes a new cryptographic weakness in the passkey-based pairing of Bluetooth Low Energy (also known as Bluetooth Smart). The vulnerability discussed here extends the set of possible attack scenarios already elaborated by Mike Ryan at Shmoocon 2013.

Instead of a passive sniffing attack on pairing secrets, we show how an active fraudulent Responder can gracefully bypass passkey authentication, even when it is based on a one-time generated PIN.

Category / Keywords: cryptographic protocols / Bluetooth Low Energy Authentication

Date: received 22 May 2013, last revised 23 Apr 2014

Contact author: tomas rosa96 at gmail com


Note: Improved formatting and some typos were corrected.

Version: 20140423:113521
