Posts

I’m glad to announce that I’ve completed my PhD in Computer Science at SUTD about Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems. I’ve uploaded my thesis and the slides of my final presentation. For more information have a look here.

I’ve pushed the code to perform the KNOB attack also when the Nexus 5 is the Bluetooth slave responding to the first LMP packet. To switch between different attack modes have a look at the updated README.

Partially true. The KNOB attack was discovered by myself (Daniele Antonioli) from SUTD, Nils Ole Tippenhauer from CISPA, and Kasper Rasmussen from the University of Oxford. In particular, I’ve identified the vulnerability back in May 2018 while I was working with Kasper on Nearby Connections at the University of Oxford, and I wrote the first exploit in October 2018 while I was visiting Nils (my former advisor at SUTD) at CISPA. I’d like to thank the researchers from CISPA who kindly lent me their Bluetooth devices.

The code that we developed to validate and brute force E0 encryption keys is online.

The slides of my KNOB attack SEC19 talk are also online. As we can see from the slides, the KNOB attack is not conducted while two Bluetooth devices are pairing, but when two devices are connecting (establishing a new encrypted session). Bluetooth (BR/EDR) is a technology with a pair-once connect-multiple-times paradigm. For example, you pair your smartphone with your car once, and then every day you connect the two and the devices negotiate a new (fresh) encryption key.

Our KNOB repository is online, and it includes our PoC.

For more information visit knobattack.com

The embargo is over! The information about The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR, including our research paper, CVE details, and media coverage, are publicly available at knobattack.com

This week I’ve been in San Diego CA for the The Network and Distributed System Security Symposium (NDSS) 2019 conference.

I’ve presented our paper about Nearby Threats: Reversing, Analyzing, and Attacking Google’s ‘Nearby Connections’ on Android.

Recently, I’ve accepted the invitation to join the IEEE CPS-SEC workshop TPC. CPS-SEC is co-located with the IEEE CNS conference . From the official website:

The IEEE International Workshop on Cyber-Physical Systems Security (CPS-Sec) will be held in conjunction with the IEEE Conference on Communications and Network Security (CNS) 2019 in Washington, D.C., USA, on 10-12 June, 2019.