Overview
Explore the vulnerabilities in Bluetooth pairing through this conference talk that delves into the Fixed Coordinate Invalid Curve Attack. Learn about elliptic curve cryptography fundamentals, including group elements, point operations, and the Diffie-Hellman key exchange. Understand the intricacies of the Bluetooth pairing procedure, authentication phase, and how the attack exploits design flaws. Discover the attack methodology, including key derivation, verification, and over-air packet manipulation. Examine mitigation strategies and the disclosure process, as well as improvements in early secure connections and secure pairing protocols.
Syllabus
Introduction
Bluetooth
Bluetooth Pairing
First Attack
What is an Elliptic Curve
Group Elements
Inverse Definition
Point Addition
Point Doubling
Identity Element
Elliptic Curve Diffie-Hellman
Invalid Curve Attack
Assumptions
Pairing Procedure
Key Exchange
Authentication Phase
Attack Phase
Semi-Passive
Key derivation
Verification
Frequency Hopping
Over Air Packet Manipulation
Design Flaws
Mitigation
Disclosure
Early Secure Connections
Secure Pairing
Taught by
TheIACR