Paper 2013/309

Bypassing Passkey Authentication in Bluetooth Low Energy

Tomas Rosa

Abstract

This memo describes new cryptographic weakness of the passkey-based pairing of Bluetooth Low Energy (also known as Bluetooth Smart). The vulnerability discussed here extends the set of possible attacking scenarios that were already elaborated before by Mike Ryan at Shmoocon 2013. Instead of the passive sniffing attack on pairing secrets, we show how an active fraudulent Responder can gracefully bypass passkey authentication, despite it being possibly based on even one-time generated PIN.

Note: Improved formatting and some typos were corrected.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown status
Keywords
Bluetooth Low Energy Authentication
Contact author(s)
tomas rosa96 @ gmail com
History
2014-04-23: revised
2013-05-25: received
See all versions
Short URL
https://ia.cr/2013/309
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2013/309,
      author = {Tomas Rosa},
      title = {Bypassing Passkey Authentication in Bluetooth Low Energy},
      howpublished = {Cryptology ePrint Archive, Paper 2013/309},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/309}},
      url = {https://eprint.iacr.org/2013/309}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.