1 | initial version | posted 2019-08-16 20:57:23 +0200 |
The entropy of Bluetooth session keys is negotiated in an unauthenticated protocol between the participants. The attacker can manipulate this to the lowest entropy allowed, 1 byte. The resulting session key can then easily be brute forced.
(The link points to the research paper as well as some additional information in regard to this flaw in Bluetooth)
Will there be an implementation in Sailfish OS that will deal with this issue?
2 | No.2 Revision |
The entropy of Bluetooth session keys is negotiated in an unauthenticated protocol between the participants. The attacker can manipulate this to the lowest entropy allowed, 1 byte. The resulting session key can then easily be brute forced.
(The link points to the research paper as well as some additional information in regard to this flaw in Bluetooth)
Will there be an implementation in Sailfish OS that will deal with this issue?
3 | No.3 Revision |
The entropy of Bluetooth session keys is negotiated in an unauthenticated protocol between the participants. The attacker can manipulate this to the lowest entropy allowed, 1 byte. The resulting session key can then easily be brute forced.
The KNOB attack is possible due to flaws in the Bluetooth specification. As such, any standard-compliant Bluetooth device can be expected to be vulnerable. We conducted KNOB attacks on more than 17 unique Bluetooth chips (by attacking 24 different devices). At the time of writing, we were able to test chips from Broadcom, Qualcomm, Apple, Intel, and Chicony manufacturers.
(The link points to the research paper as well as some additional information in regard to this flaw in Bluetooth)
Will there be an implementation in Sailfish OS that will deal with this issue?
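The negotiation described in the question, as an added example that is not part of the original post and not Sailfish OS code: a simplified model of the key size exchange, showing what a local minimum key size does to a rewritten proposal. The `Device` class, the `rewrite` hook, the device names and the 7-byte floor are assumptions made for this illustration.

```python
from dataclasses import dataclass
from typing import Callable, Optional

MIN_KEY_BYTES = 7  # assumed local policy floor, not a value from the post


@dataclass
class Device:
    name: str
    l_min: int  # smallest key size in bytes the device accepts
    l_max: int  # largest key size in bytes the device supports


def negotiate(initiator: Device, responder: Device,
              rewrite: Optional[Callable[[int], int]] = None) -> Optional[int]:
    """Return the agreed key size in bytes, or None if negotiation is aborted.

    rewrite models a party on the path changing a proposed size; nothing
    authenticates these messages, so the receiver cannot tell.
    """
    receiver, other = responder, initiator
    proposal = initiator.l_max
    for _ in range(16):  # sizes are 1..16 bytes, so this bounds the rounds
        seen = rewrite(proposal) if rewrite else proposal
        if seen < max(receiver.l_min, other.l_min):
            return None            # either end refuses a size below its floor
        if seen <= receiver.l_max:
            return seen            # receiver accepts the size it saw
        proposal = receiver.l_max  # receiver counter-proposes a smaller size
        receiver, other = other, receiver
    return None


def keyspace(key_bytes: int) -> int:
    """Number of candidate keys for a given entropy in bytes."""
    return 2 ** (8 * key_bytes)


# Constructed devices: two accept any size from 1 byte up, one enforces
# the assumed floor.
permissive = Device("permissive", 1, 16)
limited = Device("limited", 1, 10)
hardened = Device("hardened", MIN_KEY_BYTES, 16)
```

With two permissive devices a rewritten proposal of 1 byte is accepted and leaves 256 candidate keys; as soon as either end enforces the floor, the same negotiation is aborted instead.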