Bluetooth BLUR Attacks (BLURtooth)

Mar 5, 2022

In 2020 we disclosed the BLUR attacks, a family of high impact threats affecting Bluetooth’s cross-transport key derivation (CTKD). The BLUR attacks are the first sample of cross-transport attacks for Bluetooth as they allow to exploit Bluetooth Classic and Bluetooth Low Energy jut by targeting one of the two.

The BLUR attacks are tracked with CVE-2020-15802.

bluetooth protocol
Daniele Antonioli
Daniele Antonioli
Assistant Professor

Research in cyber-physical and wireless system security

comments powered by Disqus

Related

Publications

D. Antonioli, N. O. Tippenhauer, K. Rasmussen, M. Payer (2022). BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy. ACM AsiaCCS.

PDF Cite Code Project Slides Video Website CVE-2020-15802 CVE-2022-20361

Events

On the (In)securities of Popular Standard and Proprietary Wireless Protocols
This talk covers our recent research on the (in)securities of proprietary and standard wireless security protocols used daily by millions of devices and users. In particular, I will cover the BLUR attacks on Bluetooth, a novel class of threats capable of exploiting Bluetooth Classic from Bluetooth Low Energy and vice versa.
Jun 1, 2023 00:00 Oxford University, CS Dept
On the (In)securities of Popular Standard and Proprietary Wireless Protocols