[17351] in cryptography@c2.net mail archive
Re: Bluetooth cracked further
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Fri Jun 3 14:38:32 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: Matt Crawford <crawdad@fnal.gov>
Cc: cryptography@metzdowd.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 03 Jun 2005 14:21:52 -0400
In-Reply-To: <dfd1aefe4b1974a0af0bbd33690f5e4e@fnal.gov> (Matt Crawford's
message of "Fri, 03 Jun 2005 12:58:47 -0500")
Matt Crawford <crawdad@fnal.gov> writes:
> On Jun 3, 2005, at 11:55, Perry E. Metzger wrote:
>> 2) They also have a way of forcing pairing to happen, by impersonating
>> one of the devices and saying "oops! I need to pair again!" to the
>> other.
>
> Do the devices then pair again without user intervention, re-using the
> PIN that paired them initially?
That is my understanding. Ugly, isn't it?
> I always imagined I could use a lame PIN if I was far from any
> eavesdroppers...
Given the nature of this new attack, it probably doesn't matter.
Perry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
