Bluetooth cracked further
Dan Riley
dsr at mail.lns.cornell.edu
Sat Jun 4 11:50:03 EDT 2005
Matt Crawford <crawdad at fnal.gov> writes:
> On Jun 3, 2005, at 11:55, Perry E. Metzger wrote:
> > 2) They also have a way of forcing pairing to happen, by impersonating
> > one of the devices and saying "oops! I need to pair again!" to the
> > other.
>
> Do the devices then pair again without user intervention, re-using the
> PIN that paired them initially?
In the notes for section 5, they say
If the attack is successful, the Bluetooth user will need to enter
the PIN again - so a suspicious user may realize that his
Bluetooth device is under attack and refuse to enter the PIN.
So no, it doesn't re-pair without intervention.
-dan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list