Posts

Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy

Our new paper Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy will appear in the ACM Transactions on Privacy and Security.

Our paper extends our previous work on the KNOB attack on Bluetooth BR/EDR to Bluetooth Low Energy (BLE), presents an updated evaluation of the KNOB attack for Bluetooth BR/EDR and discusses some of the countermeasures put in place by vendors such as Google and Apple after the disclosure of the KNOB attack and the amendment of the Bluetooth standard.

Apr 26, 2020 1 min read
Bluetooth Impersonation AttackS (BIAS) at IEEE S&P 2020

Our paper Bluetooth Impersonation AttackS (BIAS) will be presented at the IEEE Symposium on Security and Privacy (IEEE S&P) 2020.

More information are available in the BIAS website

Apr 16, 2020 1 min read
KNOB Attacks Talk at Hardwear.io 2020

I’m glad to give a talk titled From the Bluetooth Standard to Standard Compliant 0-days together with Mathias Payer at the virtual edition of Hardwear.io 2020.

Our talk covers, among others, the technical details behind the Key Negotiation Of Bluetooth (KNOB) attack on Bluetooth BR/EDR, its extension to BLE, and the countermeasures adopted by vendors, such as Google and Apple, to mitigate the KNOB attacks.

Apr 5, 2020 1 min read
InspiredResearch Newsletter University of Oxford

The InspiredResearch (Winter 2019 Issue 15) twice-yearly newsletter from the Computer Science Department of the University of Oxford features a nice article about the KNOB attack by Prof. Kasper Rasmussen.

Jan 10, 2020 1 min read
Security Engineering Third Edition (SEv3)

Recently, I’ve stumbled upon the webpage about Security Engineering – Third Edition (SEv3) by Prof. Ross Anderson. I’m particularly attached to this book, as it is the first book about information security that I bought (I bought SEv2 in 2012), and it was very helpful to introduce me to security engineering (coming from an EE background) and to tackle my master thesis about Random Number Generators. Actually, I have to thank Prof. Wayne Burleson for the book recommendation!

Dec 7, 2019 1 min read
Postdoc with Mathias Payer's HexHive group at EPFL

Next January I will join as a postdoc Mathias Payer’s HexHive group at EPFL.

Looking forward to start a new adventure, and meet old and new friends.

😆

Nov 29, 2019 1 min read
KNOB Attack References and Advisories

I’ve collected a list of references and advisories about the KNOB attack from several hardware and software providers and organizations. You can find it in the last paragraph of the “Are my Devices Vulnerable?” section of knobattack.com.

Oct 17, 2019 1 min read
Video of my KNOB Attack Presentation at USENIX Security 2019

Title of the paper: The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR:

More info at knobattack.com

Oct 7, 2019 1 min read
KNOB Attack Interview with Dave Bittner (CyberWire)

Today CyberWire aired my interview about the KNOB attack with Dave Bittner.

Sep 14, 2019 1 min read
PhD at SUTD Completed!

I’m glad to announce that I’ve completed my PhD in Computer Science at SUTD about Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems. I’ve uploaded my thesis and the slides of my final presentation. For more information have a look here.

Aug 27, 2019 1 min read