What is KNOB (Key Negotiation of Bluetooth) attack vulnerability and how is it addresses in the SU60/ST60?

The specification of Bluetooth includes an encryption key negotiation protocol that allows for the negotiate encryption keys with 1 Byte of entropy without protecting the integrity of the negotiation process.

A remote attacker can manipulate the entropy negotiation to let any standard compliant Bluetooth device negotiate encryption keys with 1 byte of entropy and then brute force the low entropy keys in real time.

With the 7.1.0.9 release for the ST60/SU60, all options including USB-USB have addressed and resolved the KNOB attack vulnerability.

Categories

Products