bluetooth attack
blesa
BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy
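Lack of authentication & encryption lets an attacker spoof the exchanged messages and downgrade from a secure connection.
The root cause is backward compatibility, which allows the downgrade.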
misbinding attack
Misbinding Attacks on Secure Device Pairing and Bootstrapping
The core problem with BLE pairing and EAP-NOOB is that the device identifier is not authenticated during pairing, so there is a risk of identity misbinding.
Mitigation: STS, SIGMA, IKE
device provisioning protocol (dpp)
invalid curve
CVE-2018-5383: Breaking the Bluetooth Pairing – The Fixed Coordinate Invalid Curve Attack
knob
bias
vulnerable pairing
Breaking BLE — Vulnerabilities in pairing protocols leave Bluetooth devices open for attack