BLUFFS: Bluetooth forward and future secrecy attacks and defenses

Antonioli, Daniele
THCon 2024, Toulouse Hacking Convention, 4-5 April 2024, Toulouse, France

Ciao! We present the BLUFFS attacks (CVE-2023-24023), six novel attacks breaking Bluetooth's forward and future secrecy. Our attacks enable device impersonation and machine-in-the-middle across sessions by compromising and re-using one session key. We also cover related work like KNOB, BIAS, and BLUR, and educational Bluetooth security tips and tricks.


Type: Talk
City: Toulouse
Date: 2024-04-04
Department: Digital Security
Eurecom Ref: 7641
Copyright: © EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in THCon 2024, Toulouse Hacking Convention, 4-5 April 2024, Toulouse, France and is available at :

PERMALINK : https://www.eurecom.fr/publication/7641