Hardware Security 29.07.2018

Speaker:  Lior Neumann
Time:  Sunday, 29/07/2018, 09:30
Place: Taub 601

Title: Discovered@Technion —  Breaking the Bluetooth Pairing

Bluetooth is a widely deployed platform for wireless communications between mobile devices. It uses authenticated Elliptic Curve Diffie-Hellman for its key exchange. We show that the authentication provided by the Bluetooth pairing protocols is insufficient and does not provide the promised MitM protection. We present a new variant of an Invalid Curve Attack that preserves the x-coordinate of the public keys. The attack compromises the encryption keys of all of the current Bluetooth authenticated pairing protocols, provided both paired devices are vulnerable. Specifically, it successfully compromises the encryption keys of 50% of the Bluetooth pairing attempts, while in the other 50% the pairing of the victims is terminated. Finally, we show that most of the Bluetooth market is vulnerable.

Lior Neumann is a graduate student towards M.Sc. at the Technion computer science department under the supervision of prof. Eli Biham.
He completed the Bachelor degree in the Etgar program for excellent high-school students at the University of Haifa.