Repository about Bluetooth Impersonation AttackS (BIAS).
- Instructions to perform the BIAS attacks
- Code to patch linux-4.14.111 to enable H4 parsing
  - Make sure to install the relevant kernel modules to interface with the devboard, for example USB serial drivers and device drivers for the Bluetooth subsystem.
- Code to validate the legacy authentication procedure
- Code to validate the secure authentication procedure
Related work:
- BIAS: Bluetooth Impersonation AttackS [S&P20]
- The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR [SEC19]
I'd like to thank Nils Glörfeld for his contributions to reverse-engineering and patching the CYW920819 development board's firmware, and to patching the Linux kernel.