Bluetooth BLUR Attacks (BLURtooth)

In this talk we will explore recent research on real world wireless security protocols. We will cover standard protocols such as Bluetooth pairing and session establishment and proprietary ones such as IoT application layer protocols used to secure traffic between companion mobile applications and electric scooters and fitness trackers.

Keynote given at ACSW'24 (EuroS&P Workshop) covering Automotive Bluetooth Security and E-Spoofer.

This talk covers our recent research on the (in)securities of proprietary and standard wireless security protocols used daily by millions of devices and users. In particular, I will cover the BLUR attacks on Bluetooth, a novel class of threats capable of exploiting Bluetooth Classic from Bluetooth Low Energy and vice versa. Then, I will report on our security evaluation of protocol-level Bluetooth threats on vehicles (i.e., cars), a currently unexplored by impactful attack surface. Next, I will shift to proprietary wireless protocols and describe our security assessments of Xiaomi and Fitbit fitness trackers’ proprietary protocols. Finally, I will conclude by covering our latest work on custom Xiaomi e-scooters’ wireless protocols.