description
- I propose to investigate the security of common radio technologies, namely Bluetooth Low Energy. I will mainly focus on Bluetooth protocol exploits, however I would also research attacks on popular Bluetooth implementations, like BlueZ or those provided my major microcontroller manufacturers (Texas Instruments BLE SDK, Nordic Semiconductor BLE SoftDevice, etc). For the last two years I have worked on building consumer Bluetooth devices, and as such I have gained a deep understanding of how Bluetooth 4.0, 4.1, 4.2 and 5 work, and have hypothesised some exploits in this area during this time. I will also propose designing a cyptographic scheme for devices which have limited IO. Devices like this, which only have a single button and/or a few LEDs often use Bluetooth to communicate to a phone, which has very little provision for securing links to such devices. Some similar schemes exist, for example PACE developed my BSI, but these often fall short by requiring more IO, are blocked by patents (US20140157385A1 for example) , or are too high power for small battery powered devices and as such are not adopted by the industry.