Title:

BlueSweeper: Bluetooth Frame Injection for Existing Peripheral Connections


Abstract

Bluetooth Low Energy (BLE) was introduced in Bluetooth version 4.0 with an entirely new protocol stack, aiming to bring comparable functionality to low-power applications. It has since become the standard for many peripherals and IoT devices. In an effort to be as universal as possible, BLE supports a wide range of security requirements, leaving devices that opt out of the high-security options vulnerable. The goal of this project was to perform an attack capable of reading and writing keystrokes transmitted between a popular BLE keyboard model and the connected central device. Two nRF52840 dongles were used in conjunction with a Raspberry Pi, the Mirage framework, and a custom Zephyr firmware. By writing a Man-in-the-Middle attack that intercepts the pairing process, encryption was fully bypassed and keystrokes were logged seamlessly. The attack successfully showcased the vulnerabilities present in the BLE protocol, which warrant attention from the Bluetooth SIG.

Authors

First Name Last Name
Wesley Newsam
Emilie Leavitt

Submission Details

Conference: URC
Event: Interdisciplinary Science and Engineering (ISE)
Department: Electrical and Computer Engineering (ISE)
Added: April 14, 2023, 8:28 p.m.
Updated: April 14, 2023, 8:29 p.m.