BIAS Attacks

The Bluetooth Impersonation AttackS (BIAS) exploits standard-compliant vulnerabilities in the Bluetooth authentication procedures. The attacks allow an attacker to impersonate any Bluetooth master and slave device during secure session establishment without knowing the long term pairing key. The attacks work regardless of the Bluetooth security mode (legacy and secure authentication procedures), and hardware and software implementation details. The BIAS attack is listed as CVE-2019-9506

Teaser

Presentation at IEEE S&P 2020

protocol bluetooth bias
Avatar
Daniele Antonioli
Postdoc at the EPFL

I'm interested in cyber-physical and wireless systems security.

Publications

(2020). BIAS: Bluetooth Impersonation AttackS. IEEE S&P.

PDF Code Project Slides Video Teaser Website CVE-2020-10135