Daniele Antonioli

Python basics

Fri, 01 Jan 2021 00:00:00 +0000

Build a foundation in Python.

1-2 hours per week, for 8 weeks

Learn

Quiz

What is the difference between lists and tuples?

Lists

Lists are mutable - they can be changed
Slower than tuples
Syntax: a_list = [1, 2.0, 'Hello world']

Tuples

Tuples are immutable - they can’t be changed
Tuples are faster than lists
Syntax: a_tuple = (1, 2.0, 'Hello world')

Is Python case-sensitive?

Yes

Visualization

Fri, 01 Jan 2021 00:00:00 +0000

Learn how to visualize data with Plotly.

1-2 hours per week, for 8 weeks

Learn

Quiz

When is a heatmap useful?

Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Write Plotly code to render a bar chart

import plotly.express as px
data_canada = px.data.gapminder().query("country == 'Canada'")
fig = px.bar(data_canada, x='year', y='pop')
fig.show()

Statistics

Fri, 01 Jan 2021 00:00:00 +0000

Introduction to statistics for data science.

1-2 hours per week, for 8 weeks

Learn

The general form of the normal probability density function is:

$$ f(x) = \frac{1}{\sigma \sqrt{2\pi} } e^{-\frac{1}{2}\left(\frac{x-\mu}{\sigma}\right)^2} $$

The parameter $\mu$ is the mean or expectation of the distribution. $\sigma$ is its standard deviation. The variance of the distribution is $\sigma^{2}$.

Quiz

What is the parameter $\mu$?

The parameter $\mu$ is the mean or expectation of the distribution.

BlueBrothers: Three New Protocols to Secure Bluetooth

Thu, 16 Apr 2026 00:00:00 +0000

HardaBLE: Hardening BLE Against Software Compromise

Thu, 16 Apr 2026 00:00:00 +0000

MaDoS: Matter DoS Attacks via Secure Channel Status Reports

Tue, 31 Mar 2026 00:00:00 +0000

BLERP Peripheral Impersonation Attack Demo

Mon, 23 Mar 2026 00:00:00 +0000

Here is Tommaso Sacchetti demonstrating the BLERP peripheral impersonation attack against a vulnerable Android 13 build (2024). In this setup, an attacker in proximity impersonates a trusted mouse, triggers an unauthenticated re-pairing, and takes over the input channel. Recent Android versions have addressed this issue.

E-Trojans Black Hat USA 25 Video

Wed, 18 Mar 2026 00:00:00 +0000

Last summer, Marco Casagrande and I talked about E-Trojans: Ransomware, Tracking, DoS, and Data Leaks on Xiaomi Electric Scooters at Black Hat USA 2025. Our presentation is online:

DCS-CI: Design for Cyber Secure Critical Infra

Mon, 16 Mar 2026 00:00:00 +0000

The call for submission for the first edition of the DCS-CI conference is online.

The Design of Cyber-Secure Critical Infrastructure (DCS-CI) 26 conference invites researchers, practitioners, and thought leaders to submit original work that advances our collective understanding of how to design, deploy, and maintain secure critical infrastructure systems. We welcome submissions from diverse disciplinary perspectives, including computer science, control systems engineering, security studies, public policy, and operations management. Interdisciplinary contributions that bridge theoretical innovation with practical application are particularly encouraged.

Submit you research papers here.

WiSec'26 Call for Posters and Demos

Mon, 16 Mar 2026 00:00:00 +0000

I am excited to chair the WiSec Demo and Poster session.

Please submit your great posters and demos via this HotCRP instance!

All poster titles must be prefixed with POSTER: and all demo titles with DEMO:.

Deadlines:

Submission: April 7, 2026 (AOE)
Notification: April 21, 2026
Camera-ready: May 5, 2026

Please also share the word!

BLERP: BLE Re-Pairing Attacks and Defenses

Sat, 14 Feb 2026 00:00:00 +0000

In mid 2024, Tom and I looked at BLE re-pairing, an underlooked attack surface. We uncovered four critical re-pairing attacks and design-level vulnerabilities that allow device impersonation and MitM of arbitrary devices in BLE range. The attacks work even in the most secure BLE modes, like authenticated pairing and Secure Connections Only, and require 0-click or 1-click interactions.

As part of our responsible disclosure we also proposed effective countermeasures that can be adopted by implementers and by the Bluetooth SIG. AFAIK, the Bluetooth SIG is not planning to fix the BLERP attacks and vulnerabilities, although they should.

After almost 1.5 years, we publicly release the BLERP paper and codebase:

CTRAPS on the DEF CON 33 Hackers' Almanack

Sat, 14 Feb 2026 00:00:00 +0000

The DEF CON 33 Hackers’ Almanack just dropped. We would like to thank Paul Chang and their team for featuring CTRAPS in the Right to Repair section. Read and share the Almanack!.

Links: CTRAPS paper and DEF CON talk.

BLERP: BLE Re-Pairing Attacks and Defenses

Mon, 05 Jan 2026 00:00:00 +0000

PrivacyShield: Relaying BLE Beacons to Counter Unsolicited Tracking

Mon, 05 Jan 2026 00:00:00 +0000

AttackDefense Framework (ADF): Enhancing IoT Devices and Lifecycles Threat Modeling

Wed, 15 Oct 2025 00:00:00 +0000

CTRAPS interview on Off By One Security

Mon, 22 Sep 2025 00:00:00 +0000

Marco and I talked about CTRAPS with Stephen Sims from Off By One Security about CTRAPS: CTAP Impersonation and API Confusion on FIDO2.

Thank you Stephen and Randall for inviting us and keep up with the awesome content in your YouTube channel!

CTRAPS at Euro S&P'25 and DEF CON 33

Fri, 04 Jul 2025 00:00:00 +0000

This week we presented at IEEE Euro S&P'25 CTRAPS: CTAP Impersonation and API Confusion on FIDO2, a paper about the security and privacy of FIDO2, a widespread standard used for single-factor and multi-factor authentication. We focus on the Client to Authenticator Protocol (CTAP), an application layer protocol spoken by a FIDO2 authenticator (e.g., a YubiKey) and a client (e.g., a smartphone or a laptop). We uncover seven CTAP design issues in the FIDO2 standard, including the lack of Client to Authenticator authentication, and eleven related new attacks we call CTRAPS.

The CTRAPS attacks are effective on any CTAP compliant FIDO2 client and authenticator since they exploit design issues, i.e., millions of FIDO2 devices and users. Their effects, include deletion of discoverable and non-discoverable credentials, DoS of an authenticator, and user tracking with FIDO2 credentials. The attacks affect not only a FIDO2 authenticator but also a relying party, e.g., by deleting the master key a user loses all the related non-discoverable credentials stored on the relying parties.

The eleven CTRAPS attacks are grouped into two classes:

four Client Impersonation (CI) attacks: where the attacker impersonates a client to an authenticator over CTAP to achieve several goals, like 0-click deletion of all credentials stored on the authenticator via the reset CTAP API call.
seven API Confusion (AC) attacks: where the attacker MitM a CTAP channel between a client and an authenticator and confound the authenticator by calling a different API than the one intended to be called by the client, e.g., the client thinks it has called and authorized the make credential API while the attacker calls the reset API and deletes all credentials.

We also release a toolkit implementing the attacks. It can be used for CTAP security testing as it includes a virtual CTAP testbed to test an authenticator without having to compromise real credentials and several malicious Clients to test various attack scenarios.

We successfully evaluate the CTRAPS attacks on six popular FIDO2 authenticators, including (FIPS compliant) YubiKeys, Feitian, and Solo and ten popular relying parties, like apple.com, github.com, adobe.com, and facebook.com.

We also release five CTRAPS attacks demos.

Moreover, we discovered an implementation-specific vulnerability affecting Yubikeys allowing to enumerate relying parties without authorization. Yubico promptly acknowledged the issue, see CVE-2024-35311, and YSA-2024-02. They released a new firmware fixing the vulnerability which is shipped with the following Yubikeys Series: 5, Security Key, Bio, FIPS,and CSPN.

We will also present CTRAPS at DEF CON 33.

More CTRAPS resources:

CTRAPS: CTAP Client Impersonation and API Confusion on FIDO2

Fri, 20 Jun 2025 00:00:00 +0000

Talk on CTRAPS attacks on FIDO2 as part of ETHZ ZISC seminars.

NDSS'26 Artifact Evaluation Comitee Self-Nomination

Fri, 13 Jun 2025 00:00:00 +0000

Mathy Vanhoef and I are co-chairing NDSS'26 Artifact Evaluation (AE).

We are looking for motivated PhD and Postdocs to self-nominate themselves for the NDSS'26 Artifact Evaluation Committee (AEC). Joining it would offer them practical experience and may ease developing artifact submissions for their papers.

The self nomination form is open until June 25th and available here.

NDSS'26 AEC call is here.

EmuOCPP: Effective and Scalable OCPP Security and Privacy Testing

Tue, 13 May 2025 00:00:00 +0000

SimProcess: High Fidelity Simulation of Noisy ICS Physical Processes

Tue, 13 May 2025 00:00:00 +0000

Bluetooth Security Testing with BlueToolkit: a Large-Scale Automotive Case Study

Fri, 11 Apr 2025 00:00:00 +0000

KNOB Attack and Crypto 101 by Alfred Menezes

Tue, 01 Apr 2025 00:00:00 +0000

Alfred Menezes has published a fantastic online course on real-world cryptography called Crypto 101: Real-World Deployments.

It is an honor to be featured in the Bluetooth Security Lecture (Lecture 4) which talks about the KNOB attack.

CheckOCPP: Automatic OCPP Packet Dissection and Compliance Check

Thu, 27 Mar 2025 00:00:00 +0000

CTRAPS: CTAP Impersonation and API Confusion on FIDO2

Thu, 27 Mar 2025 00:00:00 +0000

FP-tracer: Fine-grained Browser Fingerprinting Detection via Taint-tracking and Multi-level Entropy-based Thresholds

Tue, 18 Mar 2025 00:00:00 +0000

Talk on FP-tracer and browser fingerprinting at Privasky'25.

On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats

Fri, 14 Mar 2025 00:00:00 +0000

Talk on Automotive Bluetooth Security at AMUSEC'25.

Cars are some of the most security-critical consumer devices. On the one hand, owners expect rich infotainment features, including audio, hands-free calls, contact management, or navigation through their connected mobile phone. On the other hand, the infotainment unit exposes exploitable wireless attack surfaces. This talk focuses on protocol-level Bluetooth threats on vehicles, a critical but unexplored wireless attack surface. These threats are crucial because they are portable across vehicles, and they can achieve impactful goals, such as accessing sensitive data or even taking remote control of the vehicle. Their evaluation is novel as prior work focused on other wireless attack surfaces, notably Bluetooth implementation bugs. Among relevant protocol-level threats, we pick the KNOB and BIAS attacks because they provide the most effective strategy to impersonate arbitrary Bluetooth devices and are not yet evaluated against vehicles.

CFP: ACSW 2025

Mon, 03 Feb 2025 00:00:00 +0000

The call for papers for the 4th Workshop on Automotive Cyber Security (ACSW) co-located with IEEE EuroS&P 2025 is closing today, Feb 3rd AoE. Please submit your automotive security work!

For more information see the ACSW website and its past editions.

AttackDefense Framework (ADF)

Tue, 17 Dec 2024 00:00:00 +0000

The ADF framework is described in a paper published in the ACM TECS journal in 2024 titled AttackDefense Framework (ADF): Enhancing IoT Devices and Lifecycles Threat Modeling and available on GitHub.

The AttackDefense Framework (ADF)

Tue, 17 Dec 2024 00:00:00 +0000

We release the AttackDefense Framework (ADF), a threat modeling framework for IoT devices and their life cycles. The ADF employs a flexible and generic threat data structure called the AttackDefense (AD) object. An AD can model attack and defense aspects, like attack vectors, surfaces, models and defense policies and mechanisms, at the same time.

With the ADF, we can model, among others, security, privacy, hardware, software, firmware, and protocol threats to a device (e.g., a crypto wallet) and threats to the device’s life cycle (e.g., supply chain attacks while implementing a device).

The ADF block diagram includes four components used to enhance threat modeling:

For more details about the ADF, look at:

Let’s Threat Model All the Things!

E-Trojans: Ransomware, Tracking, DoS, and Data Leaks on Battery-powered Embedded Systems

Mon, 09 Dec 2024 00:00:00 +0000

A Quest to Secure Standard and Proprietary Wireless Systems

Mon, 22 Jul 2024 00:00:00 +0000

In this talk we will explore recent research on real world wireless security protocols. We will cover standard protocols such as Bluetooth pairing and session establishment and proprietary ones such as IoT application layer protocols used to secure traffic between companion mobile applications and electric scooters and fitness trackers.

Information and Entertainment for Automotive Researchers

Mon, 08 Jul 2024 00:00:00 +0000

Keynote given at ACSW'24 (EuroS&P Workshop) covering Automotive Bluetooth Security and E-Spoofer.

FP-tracer PETS'24 Paper and Artifact

Mon, 01 Jul 2024 00:00:00 +0000

Modern websites use attribute-based browser fingerprinting to track us(ers) using our browser’s JavaScript API. They can track us without cookies, and regardless of what we click on websites’ consent banners.

With FP-tracer, we present a new and effective method to detect attribute-based browser fingerprinting using a taint tracking aware browser, and joint entropy thresholds. With FP-tracer, we see not only the trackers but also how much they track us. FP-tracer is available as an open-source artifact.

Through FP-tracer, we assessed 80K domains. Our study found that 8% of the domains collected enough attributes to track a browser uniquely. Sometimes, a browser can be tracked with only two attributes, i.e., userAgent and storageEstimate. Read the paper for more insights!

Soumaya Boussaha will present FP-tracer at PETS'24.

FP-tracer contributes to ENCOPIA, where we are ENabling COnnected PrIvacy Assurance.

A Quest to Secure Proprietary and Standard Wireless Protocols

Fri, 17 May 2024 00:00:00 +0000

Keynote given at RESSI'24 covering, among others, BLUFFS, E-Spoofer, and BreakMi.

A Quest to Secure Standard and Proprietary Wireless Protocols

Tue, 14 May 2024 00:00:00 +0000

Talk covering, among others, BLUFFS, E-Spoofer, and BreakMi.

BLUFFS: Breaking and fixing the Bluetooth standard. One More Time.

Thu, 04 Apr 2024 00:00:00 +0000

YouTube (37c3)

E-Spoofer: Attacking and Defending Xiaomi Electric Scooter Ecosystem

Thu, 04 Apr 2024 00:00:00 +0000

YouTube (WiSec'23)

E-Spoofer and BLUFFS Talks at THCON'24

Wed, 13 Mar 2024 00:00:00 +0000

Salut, Marco Casagrande will talk about E-Spoofer and I will talk about BLUFFS at the 2024 Toulouse Hacking Convention (THCON)! Both research works are funded by the ORSHIN Horizon Europe research grant.

E-Spoofer talk: 4th April 2024, 10:15-10:45
BLUFFS talk: 4th April 2024, 11:15-10:45
Where: Marthe Condat auditorium, Paul Sabatier University, Toulouse
THCON program

See you in Toulouse 🇫🇷 at THCON'24

FP-tracer: Fine-grained Browser Fingerprinting Detection via Taint-tracking and Multi-level Entropy-based Thresholds

Mon, 11 Mar 2024 00:00:00 +0000

Bluetooth Security at NECS Winter School

Mon, 08 Jan 2024 00:00:00 +0000

This lecture overviews recent and impactful research on Bluetooth security and privacy. We will cover protocol-level vulnerabilities in the Bluetooth specification affecting billions of devices, such as KNOB, BIAS, BLUR, and BLUFFS.

Moreover, we will explore works about insecure and proprietary protocols built on Bluetooth, including BreakMi exploiting Xiaomi and Fitbit fitness tracker protocols and E-Spoofer compromising Xiaomi’s electric scooter protocols.

While presenting our research works, we will also teach basic and advanced concepts about the security and privacy of IoT protocols.

BLUFFS: Breaking and fixing the Bluetooth standard. One More Time.

Sat, 30 Dec 2023 00:00:00 +0000

Abstract

Ciao! We present the BLUFFS attacks (CVE-2023-24023), six novel attacks breaking Bluetooth’s forward and future secrecy. Our attacks enable device impersonation and machine-in-the-middle across sessions by compromising and re-using one session key. We discuss the four vulnerabilities in the Bluetooth specification enabling the attacks, two of which are new and related to unilateral and repeatable session key derivation. We describe the toolkit we developed and open-sourced to test our attacks via firmware binary patching, our experiments where we exploited 18 heterogeneous Bluetooth devices, and the practical and backward-compliant session key derivation protocol we built to fix the attacks by design. We also cover related work like KNOB, BIAS, and BLUR, and educational Bluetooth security tips and tricks.

Bluetooth is a pervasive technology for wireless communication. Billions of devices use it in sensitive applications and to exchange private data. The security of Bluetooth depends on the Bluetooth standard and its two security mechanisms: pairing and session establishment. No prior work, including the standard itself, analyzed the future and forward secrecy guarantees of these mechanisms, e.g., if Bluetooth pairing and session establishment defend past and future sessions when the adversary compromises the current. To address this gap, we present six novel attacks, defined as the BLUFFS attacks, breaking Bluetooth sessions’ forward and future secrecy. Our attacks enable device impersonation and machine-in-the-middle across sessions by only compromising one session key. The attacks exploit two novel vulnerabilities that we uncover in the Bluetooth standard related to unilateral and repeatable session key derivation. As the attacks affect Bluetooth at the architectural level, they are effective regardless of the victim’s hardware and software details (e.g., chip, stack, version, and security mode).

We also release BLUFFS, a low-cost toolkit to perform and automatically check the effectiveness of our attacks. The toolkit employs seven original patches to manipulate and monitor Bluetooth session key derivation by dynamically patching a closed-source Bluetooth firmware that we reverse-engineered. We show that our attacks have a critical and large-scale impact on the Bluetooth ecosystem, by evaluating them on seventeen diverse Bluetooth chips (eighteen devices) from popular hardware and software vendors and supporting the most popular Bluetooth versions. Motivated by our empirical findings, we develop and successfully test an enhanced key derivation function for Bluetooth that stops by-design our six attacks and their four root causes. We show how to effectively integrate our fix into the Bluetooth standard and discuss alternative implementation-level mitigations. We responsibly disclosed our contributions to the Bluetooth SIG.

YouTube

Media CCC

Recorded BLUFFS Talk at 37c3

Sat, 30 Dec 2023 00:00:00 +0000

YouTube

Media CCC

here.

BLUFFS Talk at 37c3

Fri, 22 Dec 2023 00:00:00 +0000

See you in Hamburg 🇩🇪 at 37c3

BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses

Mon, 27 Nov 2023 00:00:00 +0000

Breaking and fixing the Bluetooth standard. One More Time.

BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses

Mon, 06 Nov 2023 00:00:00 +0000

E-Spoofer paper presentation at WiSec'23

Mon, 07 Aug 2023 00:00:00 +0000

Marco Casagrande’s presentation of our E-Spoofer paper about Xiaomi e-scooters' security and privacy recorded at ACM WiSec'23

Bluetooth Security and the KNOB Attack on BLE

Tue, 04 Jul 2023 00:00:00 +0000

In this lecture we cover an Introduction about Bluetooth security, its main transports (BC, BLE), procedures (discovery, connect) and logical entities (Host, Controller, HCI). Then we look at Bluetooth security architecture and the specific BC/BLE algorithms and protocols. We conclude by talking about state of the art attacks that we developed against this protocols including KNOB, BIAS, and BLUR.

In this lab we cover an Introduction about Bluetooth security, its main transports (BC, BLE), procedures (discovery, connect) and logical entities (Host, Controller, HCI). Then we look at Bluetooth security architecture and the specific BC/BLE algorithms and protocols. We conclude by talking about state of the art attacks that we developed against this protocols including KNOB, BIAS, and BLUR

Summer school program here.

E-Spoofer master's thesis ranked 2nd for Italian CLUSIT Award

Mon, 26 Jun 2023 00:00:00 +0000

Riccardo Cestaro’s master thesis, done at EURECOM in my group as a visiting student from UniPD, won the second prize in the CLUSIT (Italian Association for Information Security) thesis contest. CLUSIT yearly awards some of the best Information security theses in Italy. The list of winners is available here.

Riccardo’s thesis contributed to the E-Spoofer paper that we recently presented at WiSec'23.

Bravo Riccardo, and kudos to the co-supervisors.

Hiring a postdoc interested in IIoT network security

Tue, 20 Jun 2023 00:00:00 +0000

I am looking for a postdoc interested in Industrial Internet-of-Thing (IIoT) network security and privacy. The postdoc will be funded by the PEPR5g ANR project, work under my supervision at and join EURECOM’s S3 group. I can start hiring from the beginning of this summer.

My research revolves around applied system security and privacy (e.g., security assessment, vulnerability analysis and exploitation of deployed systems). To get a feeling, please see my website and publications.

If you are interested please send me ([email protected]">[email protected]) an HTML-less email containing:

[PEPR5G] in the email subject
The names and email addresses of two referrer (e.g., PhD advisors) in the email body
A CV with a list to publications in PDF
A short research statement in PDF (max 2 pages) explaining why you are interested in IIoT network security and privacy, what you did so far and are what you planning to do in this research area

Elseif you know someone that might be interested, please spread the word.

Grazie!

BreakMi: Reversing, Exploiting and Fixing Xiaomi (and Fitbit) Fitness Tracking Ecosystems

Sat, 03 Jun 2023 00:00:00 +0000

Xiaomi is the leading company in the fitness tracking industry. Successful attacks on its fitness tracking ecosystem would result in severe consequences, including the loss of sensitive health and personal data. Despite these relevant risks, we know very little about the security mechanisms adopted by Xiaomi. In this work, we uncover them and show that they are insecure. In particular, Xiaomi protects its fitness tracking ecosystem with custom application-layer protocols spoken over insecure Bluetooth Low-Energy (BLE) connections (ignoring standard BLE security mechanisms already supported by their devices) and TLS connections. We identify severe vulnerabilities affecting such proprietary protocols, including unilateral and replayable authentication.

Those issues are critical as they affect all Xiaomi trackers released since 2016 and up-to-date Xiaomi companion apps for Android and iOS. We show in practice how to exploit the identified vulnerabilities by presenting six impactful attacks. Four attacks enable to wirelessly impersonate any Xiaomi fitness tracker and companion app, man-in-the-middle (MitM) them, and eavesdrop on their communication. The other two attacks leverage a malicious Android application to remotely eavesdrop on data from a tracker and impersonate a Xiaomi fitness app.

Overall, the attacks have a high impact as they can be used to exfiltrate and inject sensitive data from any Xiaomi tracker and compatible app. We propose five practical and low-overhead countermeasures to mitigate the presented vulnerabilities. Moreover, we present BreakMi, a modular toolkit that we developed to automate our reverse-engineering process and attacks. breakmi understands Xiaomi application-layer proprietary protocols, reimplements Xiaomi security mechanisms, and automatically performs our attacks. We demonstrate that our toolkit can be generalized by extending it to be compatible with the Fitbit ecosystem. We will open-source BreakMi.

More here.

On the (In)securities of Popular Standard and Proprietary Wireless Protocols

Thu, 01 Jun 2023 00:00:00 +0000

This talk covers our recent research on the (in)securities of proprietary and standard wireless security protocols used daily by millions of devices and users. In particular, I will cover the BLUR attacks on Bluetooth, a novel class of threats capable of exploiting Bluetooth Classic from Bluetooth Low Energy and vice versa. Then, I will report on our security evaluation of protocol-level Bluetooth threats on vehicles (i.e., cars), a currently unexplored by impactful attack surface. Next, I will shift to proprietary wireless protocols and describe our security assessments of Xiaomi and Fitbit fitness trackers’ proprietary protocols. Finally, I will conclude by covering our latest work on custom Xiaomi e-scooters’ wireless protocols.

E-Spoofer paper at WiSec'23

Wed, 31 May 2023 00:00:00 +0000

Marco Casagrande presented at WiSec'23 our paper titled: E-Spoofer: Attacking and Defending Xiaomi Electric Scooter Ecosystem.

In a nutshell, we reverse-engineered the proprietary wireless protocols used by Xiaomi e-scooters and companions applications (i.e., Mi Home) over BLE, found critical vulnerabilities, exploited them to get arbitrary read and write capabilities on an e-scooter both in proximity and remotely (via a malicious Android app), developed concrete countermeasures, released a toolkit to reproduce our findings and tamper with the protocols, and responsibly disclosed our results to Xiaomi.

Useful links: Paper, Slides, Code, Demos, WiSec tweet.

This work continues our exploration of obscure proprietary protocols used in popular and high risk setups, including our research on Xiaomi and Fitbit fitness trackers presented last year at CHES.

Shout-out to the paper’s co-authors: Marco Casagrande, Riccardo Cestaro, Eleonora Losiouk, and Mauro Conti. And the funding partners: ORSHIN (EU) and the Air Force Office of Scientific Research.

E-Spoofer: Attacking and Defending Xiaomi Electric Scooter Ecosystem

Tue, 30 May 2023 00:00:00 +0000

EURECOM Digital Security opening for an Asst. Prof.

Wed, 03 May 2023 00:00:00 +0000

The Digital Security Department of EURECOM invites applications for a tenured position at the Assistant Professor level in the area of Digital Security. Starting date: ASAP. Full info here.

Please spread the word 😄 !

BreakMi talk at Hardwear.io USA 2023 🐞

Wed, 12 Apr 2023 00:00:00 +0000

Our talk titled BreakMi: Reversing, Exploiting and Fixing Xiaomi (and Fitbit) Fitness Tracking Ecosystems has been accepted at Hardwear.io USA'23. The talk extends and complements our paper titled BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem. The talk covers new relevant and educational aspect about our study that we did not have time to talk about during the paper presentation at CHES'22. For instance we will cover in detail:

Our reverse engineering methodology that the community can adopt to tackle similar problems.
BreakMi’s implementation details and attack demos from the BreakMi repository
The Fitbit fitness tracker ecosystem (owned by Google) and how BreakMi can be used to evaluate and exploit Fitbit fitness trackers
Responsible disclosure insights with Google and Xiaomi

Shout-out to our collaborators Eleonora Losiouk, Mauro Conti, and Mathias Payer!

Other relevant links: Hardwear.io, Twitter, LinkedIn.

BreakMI Poster Presentation at EURECOM SC

Mon, 06 Feb 2023 00:00:00 +0000

Marco Casagrande presented his excellent poster about BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem during EURECOM’s Scientific Council (SC).

For more info see at the paper’s presentation starting around min 56:

ENCOPIA

Thu, 26 Jan 2023 00:00:00 +0000

Contacts

Website

Core Concept and Innovation

Today’s IoT devices collect huge amounts of data and share them with cloud services. In turn, Big Data analytics are used to analyze this data to provide new services such as predictive maintenance, more efficient routing and targeted advertisement. As the world becomes pervasively sentient with sensors placed in all kinds of daily devices, opting out is no longer possible. Devices like autonomous cars, smart screens and smart glasses will record personal information of all passersby, resulting in a conflict between individual privacy rights and the interest of making the benefits of big data analytics available to society as a whole.

To ensure both goals are achievable, great care in the design and development of the complete IoT system from the device to the cloud service is necessary. This project aims at automating the verification of privacy goals of IoT services, from sensor devices all the way into the cloud services — during development and after deployment.

Scientific and Technological Goals

We propose to use binary analysis methods to make privacy goals testable in an automated fashion for the complete life cycle of sensitive information. Tools developed in this project will ensure that sensitive data can be tracked through programs and services by analyzing the software used and tracking data flows within them. Automated privacy analysis tools do not exist today. Yet binary analysis has made great strides in the last years. With a combination of binary-level function detection and information flow tracking, data can be traced through applications along its life cycle, tracking its usage and detecting potential privacy breaches when they occur. By combining state-of-the-art binary analysis with dynamic data flow tracking in the cloud through JIT compiler instrumentation, we achieve an end-to-end privacy tracking of sensitive data.

Future Outlook

The wide availability and sharing of vast amounts of data is necessary to drive digital innovation and leverage the powerful tools of big data and machine learning for the future knowledge society. The proposed tools will enable developers, third-party providers and users to ensure that data is used as intended and that protective mechanisms such as pseudonymization, encryption or differential privacy are applied. The researched methods can also be applied in certification schemes, which are currently under development under the European Cybersecurity Act.

Consortium

Langlauf Security Automation GmbH
Siemens AG
SAP Labs France
EURECOM, Software and System Security Group
University of Lübeck, Institute for IT Security

Open-source ReSilient Hardware and software for Internet of thiNgs (ORSHIN)

Thu, 26 Jan 2023 00:00:00 +0000

Contacts

Website, Twitter, LinkedIn, Vimeo

About

It is common wisdom that cyber security is only as strong as the weakest link in a chain. Therefore, the main challenge is to identify the critical points of IoT infrastructure. To address this issue, ORSHIN is creating the first generic and integrated methodology, called trusted lifecycle, to develop secure network devices based on open-source components while managing their entire lifecycle. ORSHIN’s trustworthy lifecycle consists of different phases (design, implementation, evaluation, installation, maintenance and retirement) that form a chain of trust. This lifecycle defines how the safety objectives are translated into policies for defined phases. Using this holistic view, ORSHIN will address critical links, reduce threats and improve security of open-source devices.

Vision

The open-source initiative represents a significant shift in the industry, providing the opportunity to share knowledge between industry and research and enabling rapid time-to-market for solutions, but there is still much room for improvement - particularly with a view to cyber security. Therefore, the ORSHIN project team will step together and develop a new approach that will improve cyber security, manage the entire lifecycle of trustworthy network and create a secure infrastructure for connected devices. To meet this challenge ORSHIN will work on building a trusted open-source hardware and software that will significantly reduce the risks associated with IoT devices - from design to its retirement, as a chain of trust called the trusted lifecycle.

Consortium

The ORSHIN consortium consists of seven partners from six European countries. It consists of a well-balanced mixture between academic and industrial players, from large semiconductor to small SMEs.

Technikon (Austria)
KU Leuven (Belgium)
EURECOM (France)
NXP (Germany)
Security Pattern (Italy)
Texplained (France)
Tropic square (Czech Republic)

Funding

Horizon Europe: HORIZON-CL3-2021-CS-01-02
Reference number: 101070008
Project start: 01.10.2022
Project duration: 36 months
Costs: € 3.814.500,00
Funding: 100,00% EU-funded

ACM CPSS'23 CFP is Open!

Thu, 01 Dec 2022 00:00:00 +0000

The call for papers for 2023 ACM Cyber-Physical System Security Workshop (CPSS) is open. The workshop is held in conjunction with ACM AsiaCCS'23 in Melbourne, Australia. For more information see the CPSS website and its call for papers.

Deadlines

All deadlines are at 11.59PM / 23:59 American Samoa Time

Submission: January 30, 2023
Notification: March 15, 2023
Camera-ready: March 30, 2023

Scope

Cyber-Physical Systems (CPS) of interest to this workshop consist of large-scale interconnected systems of heterogeneous components interacting with their physical environments. There exist a multitude of CPS devices and applications deployed to serve critical functions in our lives thus making security an important non-functional attribute of such systems. This workshop will provide a platform for professionals from academia, government, and industry to discuss novel ways to address the ever-present security challenges facing CPS. We seek submissions describing theoretical and practical solutions to security challenges in CPS. Submissions pertinent to the security of embedded systems, IoT, SCADA, smart grid, and other critical infrastructure are welcome.

Topic of interest

Attack detection for CPS
Authentication and access control for CPS
Autonomous vehicle security
Availability and auditing for CPS
Blockchain for CPS security
Data security and privacy for CPS
Deception Technologies for CPS
Digital twins/Cyber range for CPS security
Embedded systems security
Formal methods in CPS
Industrial control system security
IoT security
Legacy CPS system protection
Lightweight crypto and security
Maritime cyber security
Recovery from cyber attacks
Security and risk assessment for CPS
Security architectures for CPS
Security by design for CPS
Smart grid security
Threat modeling for CPS
Transportation system security
Vulnerability analysis for CPS
Wireless sensor network security

BreakMi paper presented at IACR CHES'22

Mon, 26 Sep 2022 00:00:00 +0000

We presented our paper titled BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem at CHES 2022 in the hardware security track.

Here is the excellent presentation given by Marco Casagrande. You can also check out the presentation slides and the BreakMi repository to reproduce our findings (with the help of video tutorials nicely prepared by Marco).

For more information, such our reverse engineering methodology, analysis and exploitation of Fitbit trackers, and countermeasures, have a look at the paper.

BLURtooth video, new CVE, and GH repo

Wed, 17 Aug 2022 00:00:00 +0000

I’m glad to share three updates about the BLURtooth paper.

We successfully tested the BLUR attacks on a Google Pixel 6 (Bluetooth 5.2) and submitted our findings to Google. They classified the report with high severity, assigned CVE-2022-20361, and shipped fixes as part of August’s Android Security bulletin. More details about the fixes can be found here. This is yet another finding demonstrating that the attacks are effective on all Bluetooth versions supporting CTKD unlike stated in this note from the Bluetooth SIG .

After following responsible disclosure we also publish the instructions to reproduce the BLUR attacks in a GitHub repository.

Below you can find the paper presentation streamed at AsiaCCS'22:

On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats

Thu, 14 Jul 2022 00:00:00 +0000

In this webinar we talk about, Protocol-Level Bluetooth Threats (PLBT), a novel and relevant class of threats for automotive security. Specifically, we explain what they are, why they are relevant, and how they can be evaluated on modern cars. We also report our PLBT evaluation results on five popular In-Vehicle Infotainment (IVI) units used by KIA, Toyota, Suzuki, and Skoda on cars manufactured between 2014 and 2021. For example, we show that is trivial to impersonate a trusted smartphone to commercial IVIs using an attack chain that we developed in recent years (KNOB+BIAS attacks). As a result of a successful impersonation, an attacker can exfiltrate sensitive data stored on the IVI and send malicious commands to the IVI without being detected.

We note that PLBTs are effective on any Bluetooth-enabled IVI as they exploit protocol flaws in the Bluetooth standard itself. Hence, we expect that the vast majority of the IVIs in the market is vulnerable to the KNOB+BIAS attack chain and other PLBTs. This fact should clearly motivate why it is important to investigate and fix PLBTs in the automotive industry.

For more information please refer to our research paper presented this year at the IEEE Workshop On Offensive Technologies (WOOT) titled On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats available here.

On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats Video

Fri, 01 Jul 2022 00:00:00 +0000

Below you can find a webinar that I’ve recorded for the Automotive Security Research Group (ASRG) talking about our recent paper titled On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats.

The webinar will also be linked for WOOT'22 as the talk I gave at the workshop was not recorded because of some issues.

C.A.S.E., il futuro dell'auto: opportunità e rischi

Wed, 29 Jun 2022 00:00:00 +0000

More information about the speech on quattroruote.it and linkedin pulse.

More information about the event here.

BreakMI Paper and Repo

Thu, 16 Jun 2022 00:00:00 +0000

I am glad to share that our paper titled BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem is publicly available here. In this work, we reverse-engineer, exploit, and fix the proprietary security protocols used by Xiaomi to secure the Bluetooth Low Energy communication between its trackers and smartphone applications. We also release BreakMi, a tool to reproduce our findings and perform further analyses on Xiaomi’s Fitness tracking ecosystem. We also evaluated BreakMi on the Fitbit ecosystem and found that most of the vulnerabilities and attacks presented for Xiaomi are portable with minor adjustments to the Fitbit ecosystem.

I’m particularly proud of this paper as its main author is Marco Casagrande, my first PhD student. Congratulations, Marco, for the hard/novel/relevant work and thanks to the co-authors Eleonora Losiouk, Mauro Conti, and Mathias Payer!

We will present the paper in September at CHES 2022.

BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem

Fri, 01 Apr 2022 00:00:00 +0000

On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats

Fri, 25 Mar 2022 00:00:00 +0000

BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy

Sun, 06 Mar 2022 00:00:00 +0000

Bluetooth BLUR Attacks (BLURtooth)

Sat, 05 Mar 2022 00:00:00 +0000

In 2020 we disclosed the BLUR attacks, a family of high impact threats affecting Bluetooth’s cross-transport key derivation (CTKD). The BLUR attacks are the first sample of cross-transport attacks for Bluetooth as they allow to exploit Bluetooth Classic and Bluetooth Low Energy jut by targeting one of the two.

The BLUR attacks are tracked with CVE-2020-15802.

CFP: JSys System Security

Thu, 24 Feb 2022 00:00:00 +0000

The Journal of Systems Research (JSys) is a new journal with diamond-access publication model; that is, papers are free to read, submit, review, and publish. Its design borrows heavily from similar journals recently created in the databases, security, and crypto communities.

Recently JSys added a system security track and the first CfP is open until the 22nd of May.

Call for Papers: System Security

System security covers the intersection between systems research and security research in particular around the topics of software security, web security, mobile security, network security, operating system security, and hardware security. These topics inherently involve systems topics as part of their mechanisms, policies, or attacks. While attacks are in scope, the focus of this track is on constructive security, i.e., mitigating and avoiding attacks along with systematizing knowledge.

Topic of interests:

Analysis of network and security protocols
Attacks with novel insights, techniques, or results
Automated security analysis of source code and binaries
Embedded systems security
Language-based security
Machine learning security
Mobile systems security
Network security
Operating system security
Program analysis for security
Web security

CFP Workshop on Offensive Technologies (WOOT) 2022

Sat, 22 Jan 2022 00:00:00 +0000

The WOOT'22 CFP is open. Please submit and spread the word.

Links

URL: https://www.ieee-security.org/TC/SP2022/WOOT22/index.html Submission: https://woot22.secpriv.tuwien.ac.at/woot22/paper/new

Overview

The Workshop on Offensive Technologies (WOOT) aims to present a broad picture of offense and its contributions, bringing together researchers and practitioners across all areas of computer security. Offensive security has changed from a hobby to an industry. No longer an exercise for isolated enthusiasts, offensive security is today a large-scale operation managed by organized, capitalized actors. Meanwhile, the landscape has shifted: software used by millions is built by startups less than a year old, delivered on mobile phones and surveilled by national signals intelligence agencies. In the field’s infancy, offensive security research was conducted separately by industry, independent hackers, or in academia. Collaboration between these groups was difficult. Since 2007, the Workshop on Offensive Technologies (WOOT) has been bringing those communities together.

Symposium Topics

Computer security exposes the differences between the actual mechanisms of everyday trusted technologies and their models used by developers, architects, academic researchers, owners, operators, and end users. While being inherently focused on practice, security also poses questions such as “what kind of computations are and aren’t trusted systems capable of?” which harken back to fundamentals of computability. State-of-the-art offense explores these questions pragmatically, gathering material for generalizations that lead to better models and more trustworthy systems.

WOOT provides a forum for high-quality, peer-reviewed work discussing tools and techniques for attacks. Submissions should reflect the state of the art in offensive computer security technology, exposing poorly understood mechanisms, presenting novel attacks, highlighting the limitations of published attacks and defenses, or surveying the state of offensive operations at scale. WOOT ‘22 accepts papers in both an academic security context and more applied work that informs the field about the state of security practice in offensive techniques. The goal for these submissions is to produce published works that will guide future work in the field. Submissions will be peer reviewed and shepherded as appropriate. Submission topics include, but are not limited to, attacks on and offensive research into:

Hardware, including software-based exploitation of hardware vulnerabilities
Virtualization and the cloud
Network and distributed systems
Operating systems
Browser and general client-side security (runtimes, JITs, sandboxing)
Application security
Analysis of mitigations and automating how they can be bypassed
Automating software testing such as fuzzing for novel targets
Internet of Things
Machine Learning
Cyber-physical systems
Privacy
Cryptographic systems (practical attacks on deployed systems)
Malware design, implementation and analysis
Offensive applications of formal methods (solvers, symbolic execution)

Workshop Format

The presenters will be authors of accepted papers. There will also be a keynote speaker and a selection of invited speakers. WOOT ‘22 will feature a Best Paper Award and a Best Student Paper Award.

Note that WOOT'22 and other IEEE S&P workshops are planned to be held in person, see the IEEE S&P website for details and updates.

Regular Submission

WOOT ‘22 welcomes submissions without restrictions of origin. Submissions from academia, independent researchers, students, hackers, and industry are welcome. Are you planning to give a cool talk at Black Hat in August? Got something interesting planned for other non-academic venues later this year? This is exactly the type of work we’d like to see at WOOT ‘22. Please submit – it will also give you a chance to have your work reviewed and to receive suggestions and comments from some of the best researchers in the world. More formal academic offensive security papers are also very welcome.

Systematization of Knowledge

Continuing the tradition of past years, WOOT ‘22 will be accepting “Systematization of Knowledge” (SoK) papers. The goal of an SoK paper is to encourage work that evaluates, systematizes, and contextualizes existing knowledge. These papers will prove highly valuable to our community but would not be accepted as refereed papers because they lack novel research contributions. Suitable papers include survey papers that provide useful perspectives on major research areas, papers that support or challenge long-held beliefs with compelling evidence, or papers that provide an extensive and realistic evaluation of competing approaches to solving specific problems. Be sure to select “Systematization of Knowledge paper” in the submissions system to distinguish it from other paper submissions.

Submission Requirements

Paper submission deadline: Thursday, January 27, 2022, 11:59 AoE (Anywhere on Earth) Notification date: Thursday, February 27, 2022 Camera-ready paper deadline: Tuesday, March 8, 2022 Workshop date: Thursday, May 26, 2022

Please submit your paper at https://woot22.secpriv.tuwien.ac.at/woot22/paper/new

What to Submit

Submissions must be in PDF format. Papers should be succinct but thorough in presenting the work. The contribution needs to be well motivated, clearly exposed, and compared to the state of the art. Typical research papers are at least 4 pages, and maximum 10 pages long (not counting bibliography and appendix). Yet, papers whose lengths are incommensurate with their contributions will be rejected.

The submission should be formatted in 2-columns, using 10-point Times Roman type on 12-point leading, in a text block of 6.5” x 9”. Please number the pages. Authors must use the IEEE templates, for LaTeX papers this is IEEETran.cls version 1.8b.

Submissions are double blind: submissions should be anonymized and avoid obvious self-references (authors are allowed to release technical reports and present their work elsewhere such as at DefCon or BlackHat). Submit papers using the submission form.

Authors of accepted papers will have to provide a paper for the proceedings following the above guidelines. A shepherd may be assigned to ensure the quality of the proceedings version of the paper.

If your paper should not be published prior to the event, please notify the chairs. Submissions accompanied by non-disclosure agreement forms will not be considered. Accepted submissions will be treated as confidential prior to publication on the WOOT ‘22 website; rejected submissions will be permanently treated as confidential.

Policies and Contact Information

Simultaneous submission of the same work to multiple competing academic venues, submission of previously published work without substantial novel contributions, or plagiarism constitutes dishonesty or fraud may lead to instant or later rejecion. Note: Work presented by the authors at industry conferences, such as Black Hat, is not considered to have been “previously published” for the purposes of WOOT ‘22. We strongly encourage the submission of such work to WOOT ‘22, particularly work that is well suited to a more formal and complete treatment in a published, peer-reviewed setting. In your submission, please do note any previous presentations of the work.

Vulnerability Disclosure

If the submission describes, or otherwise takes advantage of, newly identified vulnerabilities (e.g., software vulnerabilities in a given program or design weaknesses in a hardware system) the authors should disclose these vulnerabilities to the vendors/maintainers of affected software or hardware systems prior to the CFP deadline. When disclosure is necessary, authors should include a statement within their submission and/or final paper about steps taken to fulfill the goal of disclosure.

Ethical Considerations

Submissions that describe experiments on human subjects, that analyze data derived from human subjects (even anonymized data), or that otherwise may put humans at risk should:

Disclose whether the research received an approval or waiver from each of the authors’ institutional ethics review boards (e.g., an IRB).
Discuss steps taken to ensure that participants and others who might have been affected by an experiment were treated ethically and with respect.
If a paper raises significant ethical or legal concerns, including in its handling of personally identifiable information (PII) or other kinds of sensitive data, it might be rejected based on these concerns.

CFP: ACM CPSS 2022

Mon, 08 Nov 2021 00:00:00 +0000

The call for papers for 8th ACM Cyber-Physical System Security Workshop (CPSS 2022) held in conjunction with ACM AsiaCCS'22 is closing in 1 month (December 3, 2021).

Make sure to submit your awesome CPS security papers :D

For more information see the CPSS website and its call for papers.

Exploiting and Fixing the Bluetooth Standard

Thu, 21 Oct 2021 00:00:00 +0000

Bluetooth is a ubiquitous technology for low-power wireless communications. It is employed by billions of devices, including smartphones, laptops, wearables, and cars. As a technology, Bluetooth is specified in an open and quite complex standard. The standard defines two Bluetooth flavors; Bluetooth Classic (BC) for high throughput services and Bluetooth Low Energy (BLE) for low power ones. In addition, it specifies pairing (i.e., bootstrapping) and session establishment security mechanisms to protect the confidentiality, integrity, and authenticity of Bluetooth communication. One vulnerability in these mechanisms can be exploited on all Bluetooth devices as they must be compliant with the Bluetooth standard.

This talk revisits our recent work about uncovering, exploiting, and fixing three critical vulnerabilities in the Bluetooth standard affecting BT and BLE. The vulns are KNOB (CVE-2019-9506), BIAS (CVE-2020-10135), and BLUR (CVE-2020-15802). KNOB affects both BT and BLE and enables to weaken and brute force Bluetooth’s cryptographic keys. BIAS affects BT and allows to bypass Bluetooth’s authentication. BLUR exploits the boundary between BT and BLE and results in cross-transport exploitation of BT and BLE. Despite our reports to the Bluetooth consortium (SIG), the presented vulnerabilities are either not patched or partially fixed.

Breaking and Fixing the Bluetooth Standard

Thu, 01 Jul 2021 00:00:00 +0000

Bluetooth is a ubiquitous technology for low-power wireless communications employed by billions of devices, including mobiles, wearables, and cars. Bluetooth is specified in a complex yet open standard that defines two transports: Bluetooth Classic (BC) for high throughput services and Bluetooth Low Energy (BLE) for very low power services. Being a pervasive technology, Bluetooth exposes a broad attack surface. Moreover, successful attacks on Bluetooth can achieve high-impact goals, such as identity thefts, privacy violations, and malicious device control. The security of Bluetooth communication heavily depends on the Bluetooth standard, which defines “standard-compliant” security mechanisms to protect the confidentiality, integrity, and availability of Bluetooth communications. Those mechanisms include pairing and secure session establishment protocols used to establish keys and protect the communication.

This talk revisits our recent work about uncovering, exploring, and fixing three critical vulnerabilities in the Bluetooth standard. The vulnerabilities affect both BC and BLE, and we named them. KNOB (CVE-2019-9506), BIAS (CVE-2020-10135) and BLUR (CVE-2020-15802). As these vulnerabilities are standard-compliant (i.e., exploit specification flaws in the Bluetooth standard), they are effective on any Bluetooth device regardless of its hardware and software details. For example, in our experiments, we successfully exploited KNOB, BIAS, and BLUR on a broad set of devices, including Apple, Broadcom, Cypress, CSR, Google, Intel, Microsoft, and Qualcomm. Additionally, we successfully targeted all the major Bluetooth versions currently in the market (e.g., 4.0, 4.1, 4.2, 5.0, 5.1, and 5.2).

Despite our reports to the Bluetooth consortium, the presented vulnerabilities are either not patched or partially fixed. Indeed, more work has to be done to secure the Bluetooth standard from its foundations.

EURECOM Digital Security opening for an Asst. Prof.

Fri, 25 Jun 2021 00:00:00 +0000

The Digital Security Department of EURECOM invites applications for a tenured position at the Assistant Professor level in the area of Digital Security. Full info here.

Please spread the word 😄 !

Why is Hard to Secure Mobile Proximity Services

Thu, 24 Jun 2021 00:00:00 +0000

Mobile devices such as phones, tablets, and wearables enable proximity services on a large scale. These services use wireless technologies (such as Wi-Fi and Bluetooth) to connect users within a specific range and exchange information. Proximity information ranges from general-purpose files and contacts to privacy-preserving COVID-19 proximity identifiers. Since these services affect millions of mobile users worldwide, their security against cyber threats is paramount. It is not pleasant if an attacker in proximity (or even remotely) can eavesdrop on private communication or tamper with personal data. However, adopting (even essential) security mechanisms for proximity services is easy in theory but pretty hard in practice. For example, it is challenging to provide confidentiality and authenticity while at the same time provide energy-efficient and accurate proximity tracing. On top of that, a usable proximity service has to scale well with the number of users and provide the same quality of services across different software and hardware ecosystems (e.g., Android and iOS) and usage condition (e.g., indoor and outdoor). In this talk, we look at two commercial proximity services. First, Google’s Nearby Connections (NC) is an API to connect Android devices using a combination of Wi-Fi and Bluetooth and without requiring an Internet connection. Second, Google/Apple’s Exposure Notification (EN) framework. EN powers most COVID-19 contact-tracing mobile applications in Europe, including the ones used in Italy, Germany, and Switzerland. Throughout the talk, the audience will learn, among others, real-world proximity services' architectures, pitfalls, vulnerabilities, attacks, countermeasures, and related research trends.

SecMT'21 Talk About Security of Proximity Services

Tue, 22 Jun 2021 00:00:00 +0000

I’m glad to give a talk at the SecMT'21 workshop on mobile system security co-located with the ACNS'21 conference. Students can register to SecMT for free by filling this Google form.

Talk title:

Why is Hard to Secure Mobile Proximity Services

Talk abstract:

Starting at EURECOM

Fri, 04 Jun 2021 00:00:00 +0000

It is my pleasure to announce that since 1st of June I’ve started my new adventure with EURECOM and the System Security Group (S3).

I’m thrilled and honored to have joined a team of talented and diverse people, and I’m looking forward give my contribution!

The location is also pretty amusing, and I feel closer to Italy than usual 😄

CFP for Hardwear.io USA 2021 is Open (Tips and Tricks)

Fri, 19 Mar 2021 00:00:00 +0000

Last year I had the pleasure to give a talk about critical and standard-compliant Bluetooth flaws at the virtual edition of Hardwear.io 2020.

The organizers recently opened the call-for-papers (CFP) for Hardwear.io USA 2021 and asked me to share my take on why you would want to submit your work to Hardwear.io and few tips and tricks to improve the quality of your presentation. What follow are some random and personal thoughts that might be useful for somebody and might overlap with what is already suggested in the CFP 😄

Why one should submit?

Hardwear.io is (still) a “nichy” venue where you present to a relatively small but relevant audience of experts.
Hardwear.io’s audience is a mix of folks from academia and industry. This is very helpful as it allows to get feedback from different angles and hear more voices.
Hardwear.io enables to push the boundaries of interesting (yet less-mainstream) security topics such as embedded, industrial, hardware, and wireless systems.
Hardwear.io is not only about talks and conferences, there is whole community surrounding it that is active every day and from which you can get advice.
If you are a fan of merchandise (i.e., shirts, pins, magnets, …) then Hardwear.io is not going to disappoint you 🎉

Tips and Tricks to strengthen your submission

Clearly scope you work to one (or more) submission topic(s)
Keep a mix of technical and non-technical content
The non-technical content is useful to let non-expert reviewers appreciate your work (i.e., what you did)
The technical part is needed to convince the expert reviewers that you actually did what you are presenting (i.e., how you did it)
Make sure that other than explaining “what” you did and “how” you did it, you are also showing “why” your submission is important, needed, novel, and interesting.
Look at the TIPS FOR SUBMITTING on the CFP

LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks

Thu, 18 Feb 2021 00:00:00 +0000

Joining EURECOM S3 as an Assistant Professor in June 2021

Wed, 02 Dec 2020 00:00:00 +0000

Starting from June 2021, I will join EURECOM System Security Group (S3) as an Assistant Professor. I will keep doing research on the security of wireless systems, mobile/embedded systems, and (industrial) internet of things. I will also teach the fabulous Mobile Systems and Smartphone Security (MOBISEC) course, created by Yanick Fratantonio, starting from Sept 2021.

I thank EURECOM faculty members for considering my candidature and eventually selecting me from a pool of talented applicants. Related to that, I give credit to Marc Dacier, Aurelien Francillon, Yanick Fratantonio, Davide Balzarotti, and Massimiliano Todisco for answering my questions and providing useful feedback and support during the interview process.

I also acknowledge Mathias Payer, Kasper Rasmussen, Nils Tippenhauer, and Mauro Conti for supporting my candidature. Their support was instrumental and I will be pleased to keep collaborating with them in the future.

I look forward to join EURECOM and the sunny French riviera and in the meantime I’m ramping up my French knowledge. 🇫🇷 🏖 ⛰️

CFP: 2021 IEEE Workshop on Offensive Technologies (WOOT)

Fri, 27 Nov 2020 00:00:00 +0000

The call for papers for the 2021 IEEE Workshop on Offensive Technologies (WOOT) is open. Please submit your great research work and spread the word among attackers 🔥 😄 🔥

Here are the deadlines:

Abstract registration deadline: Wednesday, January 27, 2021, 11:59 AoE (Anywhere on Earth)
Paper submission deadline: Friday, January 29, 2021, 11:59 AoE (Anywhere on Earth)
Notification date: Monday, March 01, 2021
Workshop date: Thursday, May 27, 2021

Submission topics include, but are not limited to, attacks on and offensive research into:

Hardware, including software-based exploitation of hardware vulnerabilities
Virtualization and the cloud
Network and distributed systems
Operating systems
Browser and general client-side security (runtimes, JITs, sandboxing)
Application security
Analysis of mitigations and automating how they can be bypassed
Automating software testing such as fuzzing for novel targets
Internet of Things
Machine Learning
Cyber-physical systems
Privacy
Cryptographic systems (practical attacks on deployed systems)
Malware design, implementation and analysis
Offensive applications of formal methods (solvers, symbolic execution)

For more information about the CFP look here.

Joining WOOT and SEC TPCs

Sun, 22 Nov 2020 00:00:00 +0000

I’m thrilled to join the technical program committees of the Workshop on Offensive Technologies (WOOT) and the USENIX Security Symposium (SEC).

Lots of good papers ahead 😄

Early Evidence of Effectiveness of Digital Contact Tracing for SARS-CoV-2 in Switzerland

Thu, 01 Oct 2020 00:00:00 +0000

BLURtooth (BLUR Attacks) Disclosure

Fri, 25 Sep 2020 00:00:00 +0000

Since January 2020 we’ve been working on a security analysis of Bluetooth cross-transport key-derivation (CTKD). In May 2020 we reported to the Bluetooth SIG a set of CTKD vulnerabilities and related attacks (i.e., the BLURtooth report about the BLUR attacks) and kept our findings private.

The 10th of September 2020 the Bluetooth SIG posted the following security note without letting us know: Bluetooth SIG Statement Regarding the Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy Vulnerability (BLURtooth).

To clarify our position with respect to such security note we release a public disclosure statement and an updated version of the BLURtooth technical report. Enjoy!

Bonus track:

BIAS and KNOB attacks against Bluetooth BR/EDR/LE

Tue, 18 Aug 2020 00:00:00 +0000

Bluetooth is a ubiquitous technology for low power wireless communications. Bluetooth runs on billions of devices including mobile, wearables, home automation, smart speakers, headsets, industrial and medical appliances, and vehicles. As a result, Bluetooth’s attack surface is huge and includes significant threats such as identity thefts, privacy violations, and malicious device control. Bluetooth is a complex technology specified in an open standard. The standard defines two wireless stacks Bluetooth Classic for high throughput services (e.g., audio and voice) and Bluetooth Low Energy (BLE) for very low power services (e.g., localization, and monitoring). The standard defines security mechanisms to protect the confidentiality, integrity, and authenticity of Bluetooth communications. Those mechanisms include pairing to share a long term key among two devices, and secure session establishment to let two paired devices negotiate session keys to protect their communication. A single vulnerability in a standard-compliant security mechanism translates into billions of exploitable devices. This talk reviews several standard-compliant vulnerabilities that we recently uncovered on the key negotiation and authentication mechanisms of Bluetooth Classic and BLE. We also describe how to exploit such vulnerabilities to perform key negotiation attacks on Bluetooth Classic and BLE (KNOB attacks, CVE-2019-9506) and impersonation attacks on Bluetooth Classic (BIAS attacks, CVE-2020-10135). The attacks are presented together with a detailed description of the Bluetooth treat model and the affected security mechanism. We also explain how we implemented such attacks using low-cost hardware and open-source software and how we evaluated them on actual devices from the major vendors including Apple, Broadcom, Cypress, CSR, Google, Intel, Microsoft, and Qualcomm. Finally, we describe how the Bluetooth standard was amended after the disclosure of our attacks, our proposed countermeasures, and why most of the Bluetooth devices are still vulnerable to our attacks.

WAC3 Presentation is Online

Wed, 12 Aug 2020 00:00:00 +0000

BIAS + KNOB attack against Bluetooth:

All the WAC talks are available on YouTube

DP3T/GAEN for COVID-19

Fri, 07 Aug 2020 00:00:00 +0000

The Decentralized Privacy-Preserving Proximity Tracing (DP3T) is a system that we developed for secure and privacy-preserving proximity tracing at large scale. DP3T provides a technological foundation to help slow the spread of SARS-CoV-2 by simplifying and accelerating the process of notifying people who might have been exposed to the virus so that they can take appropriate measures to break its transmission chain. DP3T is open-source and its repos and documents are on GitHub.

We also published a work titled Early Evidence of Effectiveness of Digital Contact Tracing for SARS-CoV-2 in Switzerland to show early findings about the effectiveness of digital contact tracing in Switzerland.

Google and Apple developed the GAEN (Google/Apple Exposure Notifications) framework based on DP3T.

CFP: ACM AsiaCCS 2021

Wed, 05 Aug 2020 00:00:00 +0000

I’m glad to serve as a TPC member for ACM AsiaCCS 2021. The first round of submission deadline is approaching (21 August 2020), indeed submit your great research works!

Those are the important dates:

1st round deadlines
- Paper submission: 21 August 2020
- Author notification: 24 October 2020
- Camera ready due to: 25 November 2020
2st round deadlines
- Paper submission: 11 December 2020
- Author notification: 15 February 2021
- Camera ready due to: 15 March 2021
Conference date: June 7-11, 2021

WAC3 Talk About KNOB and BIAS Attacks

Tue, 21 Jul 2020 00:00:00 +0000

I’m glad to give a talk about the KNOB and BIAS attacks on Bluetooth at the third Workshop on Attacks in Cryptography (WAC) co-located with
CRYPTO 2020. The Workshop will be held online on Zoom the 16th of August 2020, and my talk will be from 13:20 to 14:00 (EDT) in the Attacks on Standards session (session IV).

This is the talk abstract:

Bluetooth is a ubiquitous technology for low power wireless communications. Bluetooth runs on billions of devices including mobile, wearables, home automation, smart speakers, headsets, industrial and medical appliances, and vehicles. As a result, Bluetooth’s attack surface is huge and includes significant threats such as identity thefts, privacy violations, and malicious device control.

Bluetooth is a complex technology specified in an open standard. The standard defines two wireless stacks Bluetooth Classic for high throughput services (e.g., audio and voice) and Bluetooth Low Energy (BLE) for very low power services (e.g., localization, and monitoring). The standard defines security mechanisms to protect the confidentiality, integrity, and authenticity of Bluetooth communications. Those mechanisms include pairing to share a long term key among two devices, and secure session establishment to let two paired devices negotiate session keys to protect their communication. A single vulnerability in a standard-compliant security mechanism translates into billions of exploitable devices.

This talk reviews several standard-compliant vulnerabilities that we recently uncovered on the key negotiation and authentication mechanisms of Bluetooth Classic and BLE. We also describe how to exploit such vulnerabilities to perform key negotiation attacks on Bluetooth Classic and BLE (KNOB attacks, CVE-2019-9506) and impersonation attacks on Bluetooth Classic (BIAS attacks, CVE-2020-10135). The attacks are presented together with a detailed description of the Bluetooth treat model and the affected security mechanism. We also explain how we implemented such attacks using low-cost hardware and open-source software and how we evaluated them on actual devices from the major vendors including Apple, Broadcom, Cypress, CSR, Google, Intel, Microsoft, and Qualcomm. Finally, we describe how the Bluetooth standard was amended after the disclosure of our attacks, our proposed countermeasures, and why most of the Bluetooth devices are still vulnerable to our attacks.

For more details about the KNOB and BIAS attacks have a look at the related research papers:

The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR, USENIX Security 2019.
Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy, ACM TOPS 2020.
BIAS: Bluetooth Impersonation AttackS, IEEE S&P 2020.

Please join the virtual WAC, and thanks Eyal Ronen and Mathy Vanhoef for organizing it and for the invitation!

NSS 2020 Extended Call For Papers

Mon, 06 Jul 2020 00:00:00 +0000

The Network and System Security (NSS) 2020 conference paper submission deadline has been extended to 15 September 2020 (Anywhere on Earth)

Please submit your research work!

You can find more information in the NSS website and specifically in the CFP section.

Tutor Island: Matematica & Codice

Sat, 20 Jun 2020 00:00:00 +0000

Condivido con piacere Tutor Island il nuovo canale YouTube del mio amico e collega Paolo. Su questo canale potrete trovare tutorial in Italiano (e prossimamente anche in Inglese) su argomenti matematici, informatici e ingegneristici. Per esempio linko qui sotto una playlist con un corso per ingegneri che vogliono programmare in MATLAB/Octave:

Paolo è un bravissimo insegnante e divulgatore scientifico con anni di esperienza alle spalle sia universitaria che professionale. Paolo ha anche esperienza in ambito informatico e dai sui video sicuramente imparerete molto di più che l’argomento centrale del video. Il canale di Paolo è anche molto curato dal punto di vista audio, video e grafico e questo non guasta mai 😄

Tutor Island offre materiale esclusivo per studenti con una piccola donazione su Patreon. Potete seguire il feed del canale, oltre che su YouTube, su Twitter e Facebook.

🏖 ☀ 🏝

CFP: Conference on Network and System Security (NSS)

Mon, 08 Jun 2020 00:00:00 +0000

I’m glad to serve as a TPC member and publicity co-chair for the 14th International Conference on Network and System Security (NSS). The conference focuses on network and system security and welcomes papers from a broad range of topics including:

Active Defense Systems
Analysis, Benchmark of Security Systems
Applied Cryptography
Authentication
Privacy and Anonymity Technologies
Secure Cryptographic Protocols and Applications
Security Notions, Approaches, and Paradigms
Steganography and Steganalysis
Blockchain and Cryptocurrency
Smart Contract
Digital Forensics
Cyber Hacking and Protection
Hardware Security
Intrusion Detection and Prevention
AI/Machine Learning Security
Software Security
Security Policy
Security and Privacy in Social Networks
Trusted Computing
Watermarking and Digital Rights Management
Location Privacy
Security For Critical Infrastructures
RFID/NFC Security
Security Infrastructure
Security and Privacy For Digital Health
Viruses and Malware
Intellectual Property Rights Protection
Cyber-Physical Security

You can find more information in the Conference website and specifically in the CFP section.

NSS 2020 deadlines:

Paper submission 15 July 2020 (Anywhere on Earth)
Notification of acceptance 15 August 2020
Camera-ready paper submission 20 October 2020
Conference location and date Melbourne Australia, 24–27 November 2020

Bluetooth BIAS Attacks

Mon, 18 May 2020 00:00:00 +0000

In 2020 we disclosed the Bluetooth Impersonation AttackS (BIAS), a family of high impact attacks affecting Bluetooth’s authentication protocols. The attacks allow impersonating any Bluetooth device during secure session establishment without knowing the long term pairing key. The BIAS attacks are tracked with CVE-2019-9506

IEEE S&P (Oakland) 2020 Paper Teaser

IEEE S&P (Oakland) 2020 Paper Presentation

BIAS + KNOB attack against Bluetooth IACR Attacks in Crypto

From Bluetooth Standard to Standard Compliant 0-days Hardwear.io

Slides and video from our hardwear.io 2020 talk

Sun, 10 May 2020 00:00:00 +0000

Here are the slides and the recording of our hardwear.io talk titled From Bluetooth Standard to Standard-Compliant 0-days:

From the Bluetooth Standard to Standard-Compliant 0-days

Thu, 30 Apr 2020 00:00:00 +0000

Bluetooth is a ubiquitous technology for low power wireless communications. Bluetooth runs on billions of devices, including mobile, wearables, home automation, smart speakers, headsets, industrial and medical appliances, and vehicles. As a result, Bluetooth’s attack surface is huge and includes significant threats such as identity thefts, privacy violations, and malicious device control.

Bluetooth is a complex technology specified in an open standard. The standard defines two wireless stacks Bluetooth “classic” BR/EDR for high throughput services (e.g., audio and voice) and Bluetooth Low Energy (BLE) for very low power services (e.g., localization, and monitoring). The standard defines security mechanisms to protect Bluetooth communications. Those mechanisms include pairing to share a long term key among two devices, and secure session establishment to let two paired devices negotiate session keys. It is paramount that those standard security mechanisms provide security guarantees that they promise, such as confidentiality, authenticity, and integrity of data. A single vulnerability in a standard security mechanism translates into billions of exploitable devices.

This talk describes how we managed to find and exploit standard-compliant 0-days in the Bluetooth standard. We describe, in detail, the Bluetooth security architecture, including its main components (Host, Controller) and protocols (HCI, LMP, and SMP). Then we talk about the Key Negotiation of Bluetooth (KNOB) attack on Bluetooth “classic” BR/EDR [CVE-2019-9506] and its extension to BLE. The KNOB attacks are enabled by standard-compliant 0-days in the key negotiation protocols of Bluetooth “classic” BR/EDR and BLE. In particular, those protocols allow to negotiate keys with very low entropy (strength), and they do not protect the integrity of entropy negotiation. Using the KNOB attack, a man-in-the-middle attacker can force a Bluetooth “classic” BR/EDR session key to 1 byte of entropy, and a BLE long term key to 7 bytes of entropy. Such low entropy values are unacceptable in 2020 and can easily (for BLE) or trivially (for BR/EDR) be brute-forced.

As a result of our attacks, a remote attacker gets access to private data and inserts valid malicious data on Bluetooth “classic” BR/EDR and BLE secure connection. The exploits are effective on any standard compliant Bluetooth device regardless of software, hardware vendors and versions, Bluetooth version, supported security features, or security mode in use. As a result of our disclosure in 2019, the Bluetooth SIG amended the standard by requiring 7 bytes of entropy as minimum entropy value for Bluetooth BR/EDR (as for BLE). Only some vendors, including Intel, Google, Apple, and Microsoft, patched a subset of their products to address the KNOB attack, and in the talk, we describe some of those patches and why they are not effective. We also describe why the majority of low-end devices that we tested remains vulnerable to the 1-byte entropy downgrade. We conclude the talk describing the main lessons that we learned while finding and exploiting Bluetooth standard compliant 0 days.

The KNOB attacks were identified, investigated, and demonstrated by Daniele Antonioli, Nils Tippenhauer, and Kasper Rasmussen, more information at https://knobattack.com.

Decentralized Privacy-Preserving Proximity Tracing

Sun, 26 Apr 2020 00:00:00 +0000

Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy

Sun, 26 Apr 2020 00:00:00 +0000

Our new paper Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy will appear in the ACM Transactions on Privacy and Security.

Our paper extends our previous work on the KNOB attack on Bluetooth BR/EDR to Bluetooth Low Energy (BLE), presents an updated evaluation of the KNOB attack for Bluetooth BR/EDR and discusses some of the countermeasures put in place by vendors such as Google and Apple after the disclosure of the KNOB attack and the amendment of the Bluetooth standard.

Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy

Sun, 26 Apr 2020 00:00:00 +0000

Bluetooth Impersonation AttackS (BIAS) at IEEE S&P 2020

Thu, 16 Apr 2020 00:00:00 +0000

Our paper Bluetooth Impersonation AttackS (BIAS) will be presented at the IEEE Symposium on Security and Privacy (IEEE S&P) 2020.

More information are available in the BIAS website

The BIAS code will be also uploaded soon! Stay tuned and unbiased 😄

KNOB Attacks Talk at Hardwear.io 2020

Sun, 05 Apr 2020 00:00:00 +0000

I’m glad to give a talk titled From the Bluetooth Standard to Standard Compliant 0-days together with Mathias Payer at the virtual edition of Hardwear.io 2020.

Our talk covers, among others, the technical details behind the Key Negotiation Of Bluetooth (KNOB) attack on Bluetooth BR/EDR, its extension to BLE, and the countermeasures adopted by vendors, such as Google and Apple, to mitigate the KNOB attacks.

Please join us at the virtual conference! 😄

BIAS: Bluetooth Impersonation AttackS

Thu, 26 Mar 2020 00:00:00 +0000

InspiredResearch Newsletter University of Oxford

Fri, 10 Jan 2020 00:00:00 +0000

The InspiredResearch (Winter 2019 Issue 15) twice-yearly newsletter from the Computer Science Department of the University of Oxford features a nice article about the KNOB attack by Prof. Kasper Rasmussen.

Security Engineering Third Edition (SEv3)

Sat, 07 Dec 2019 00:00:00 +0000

Recently, I’ve stumbled upon the webpage about Security Engineering – Third Edition (SEv3) by Prof. Ross Anderson. I’m particularly attached to this book, as it is the first book about information security that I bought (I bought SEv2 in 2012), and it was very helpful to introduce me to security engineering (coming from an EE background) and to tackle my master thesis about Random Number Generators. Actually, I have to thank Prof. Wayne Burleson for the book recommendation!

I’m very proud that the Cryptography Chapter of SEv3 (so far 😄) includes a discussion about the KNOB attack in the subsection about Diffie-Hellman key establishment (5.7.2.2). I look forward to read SEv3 once is ready!

Postdoc with Mathias Payer's HexHive group at EPFL

Fri, 29 Nov 2019 14:28:36 +0800

Next January I will join as a postdoc Mathias Payer’s HexHive group at EPFL.

Looking forward to start a new adventure, and meet old and new friends.

😆

KNOB Attack References and Advisories

Thu, 17 Oct 2019 00:00:00 +0000

I’ve collected a list of references and advisories about the KNOB attack from several hardware and software providers and organizations. You can find it in the last paragraph of the “Are my Devices Vulnerable?” section of knobattack.com.

Please let me know if any link in the list is wrong and/or broken, and if you find other relevant links!

Video of my KNOB Attack Presentation at USENIX Security 2019

Mon, 07 Oct 2019 00:00:00 +0000

Title of the paper: The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR:

More info at knobattack.com

Bluetooth blues: KNOB Attack Explained

Sat, 14 Sep 2019 00:00:00 +0000

In this interview we present the KNOB attack as part of the CyberWire’s Research Saturday session.

Alternative link.

KNOB Attack Interview with Dave Bittner (CyberWire)

Sat, 14 Sep 2019 00:00:00 +0000

Today CyberWire aired my interview about the KNOB attack with Dave Bittner.

Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems

Tue, 27 Aug 2019 00:00:00 +0000

PhD at SUTD Completed!

Tue, 27 Aug 2019 00:00:00 +0000

I’m glad to announce that I’ve completed my PhD in Computer Science at SUTD about Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems. I’ve uploaded my thesis and the slides of my final presentation. For more information have a look here.

🎶 😆 🎶

KNOB Attack Add Slave Patch for poc-internalblue

Mon, 26 Aug 2019 00:00:00 +0000

I’ve pushed the code to perform the KNOB attack also when the Nexus 5 is the Bluetooth slave responding to the first LMP packet. To switch between different attack modes have a look at the updated README.

For more information visit knobattack.com

Bluetooth KNOB Attacks

Tue, 20 Aug 2019 00:00:00 +0000

In 2019 we disclosed two families of high impact attacks affecting the entropy negotiation protocols of Bluetooth Classic (BC) and Bluetooth Low Energy (BLE). We named the attacks Key Negotiation of Bluetooth (KNOB) attacks. They are tracked as CVE-2019-9506.

Our first work titled The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR explains how to exploit BC’s entropy negotiation to downgrade the entropy of a Bluetooth security key to 1 byte and then brute-force it.

In a follow-up work titled Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy we analyzed also BLE and found that it is vulnerable as well to the KNOB attacks. In this case the attacker can downgrade the entropy of BLE security key to 7 bytes and then brute-force it.

USENIX Security 2019 Paper Presentation

Bluetooth blues: KNOB attack explained. — Research Saturday

BIAS + KNOB attack against Bluetooth IACR Attacks in Crypto

From Bluetooth Standard to Standard Compliant 0-days Hardwear.io

KNOB Attack FAQ

Mon, 19 Aug 2019 00:00:00 +0000

In this post I’m trying to address some discussion points and misconceptions about the KNOB attack.

Attribution

Researchers from CISPA discovered the KNOB attack

Partially true. The KNOB attack was discovered by myself (Daniele Antonioli) from SUTD, Nils Ole Tippenhauer from CISPA, and Kasper Rasmussen from the University of Oxford. In particular, I’ve identified the vulnerability back in May 2018 while I was working with Kasper on Nearby Connections at the University of Oxford, and I wrote the first exploit in October 2018 while I was visiting Nils (my former advisor at SUTD) at CISPA. I’d like to thank the researchers from CISPA who kindly lent me their Bluetooth devices.

Attack

The KNOB attack is performed while two Bluetooth BR/EDR devices are pairing

False. The KNOB attack targets the connection phase and can be conducted between two devices are already paired. See also slide 6

The KNOB attack can only be used to spy Bluetooth communications

Partially true. The KNOB attack can also be used to inject valid ciphertext, e.g., to impersonate a legitimate Bluetooth device.

The KNOB attack reduces the encryption key size to 1 byte

False. The encryption key size stays the same (16 bytes). The KNOB attack reduces the entropy (randomness) of the key to 1 byte. For example the key 0xa395a045bf2410983b4309214598beaf (16 byte of entropy) is reduced to 0xa3000000000000000000000000000000 (1 byte of entropy) and not to 0xa3.

The KNOB attack is theoretical

False. The KNOB attack exploits an actual vulnerability in the key negotiation protocol of Bluetooth (BR/EDR). As it is an attack at the architectural level, all standard compliant devices are potentially vulnerable. Back in 2018 we performed the KNOB attack on more than 20 Bluetooth devices, and all of them were vulnerable. You can test if your device is vulnerable by using our PoC.

The attacker has to be “local” or in a “privileged” position

False. The KNOB attack can be conducted remotely. For obvious reasons the attacker has to be in Bluetooth range, but this does not imply a privileged position.

Internalblue enabled the discovery of the KNOB attack

False. I’ve discovered the vulnerability while I was analyzing Nearby Connections and reading the Bluetooth specification in May 2018. Then, while I was looking at devices with an open source Bluetooth firmware, I’ve stumbled upon the Internalblue v0.1. To implement the attack I had to extend Internalblue to support LMP packet injection, and develop some extra code for E0. Nevertheless, Internalblue is an awesome project, I recommend it, and I thank Dennis and Jiska for releasing it to the public.

Implementation

The researchers did not implement the attack

False. We implemented the KNOB attack and our implementation generates the same effects of a remote KNOB attack conducted over the air. This is nice because we have a reliable and cheap attack setup that can be reproduced without the need of signal manipulation and jamming techniques, and SDR. If you want to reproduce the attack look at our repo.

The researchers implemented only the firmware attack

False. We implement the remote attack by patching the firmware of one of the victim devices (Nexus 5). Our patches simulate the effect of a remote MitM attack and they do not change any firmware logic. This allows us to test the effect of a remote MitM attack on actual devices without having to perform the attack over the air.

KNOB Attack Code for E0 and Slides from SEC19 are Online

Sun, 18 Aug 2019 00:00:00 +0000

The code that we developed to validate and brute force E0 encryption keys is online.

The slides of my KNOB attack SEC19 talk are also online. As we can see from the slides, the KNOB attack is not conducted while two Bluetooth devices are pairing, but when two devices are connecting (establishing a new encrypted session). Bluetooth (BR/EDR) is a technology with a pair-once connect-multiple-times paradigm. For example, you pair your smartphone with your car once, and then every day you connect the two and the devices negotiate a new (fresh) encryption key.

For more information visit knobattack.com

KNOB Attack Repository is Online

Fri, 16 Aug 2019 00:00:00 +0000

Our KNOB repository is online, and it includes our PoC.

For more information visit knobattack.com

Key Negotiation Of Bluetooth (KNOB) Attack

Wed, 14 Aug 2019 00:00:00 +0000

The embargo is over! The information about The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR, including our research paper, CVE details, and media coverage, are publicly available at knobattack.com

My PhD Defense at SUTD

Mon, 10 Jun 2019 11:28:36 +0800

Soon I’m going to defend my PhD thesis at SUTD. Feel free to join!

Date and time:

Friday, 5 July 2019, 10:00 - 11:00 (AM)

Venue:

Think Tank 20 (2.305)

Title of the talk:

Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless System

Abstract:

In the first part of the presentation we will talk about our recent contributions in the area of wireless systems security. Wireless systems are used to transmit (sensitive) information and to manage and monitor systems remotely. In our recent works we focus on three problems to advance the security of wireless systems: effectiveness of deployed physical layer features as defense mechanisms, complexity and accessibility of wireless technologies, and security evaluations of wireless protocols. Firstly, we present a theoretical and empirical comparisons between b/n/ac amendments of IEEE 802.11 (WLAN). Our goal is to estimate and measure whether or not modern physical layer features, such as MIMO and beamforming, could be used to as defense mechanism. Afterwards, we will talk about our security analysis of Nearby Connections, a proprietary API for proximity-based services developed by Google. This API uses a combination of Bluetooth and Wi-Fi, and it is included in all Android devices since version 4.0 and all Android Things devices. Our analysis uncovers the proprietary (security) mechanisms of Nearby Connections and it is based on our reverse-engineering of its implementation. We demonstrate that Nearby Connections is vulnerable to critical threats by implementing attacks where we maliciously manipulate Nearby Connections and we extend the connection range to devices that are not nearby. Prior to publication we disclosed our findings to Google and we suggested them effective countermeasures. In the last part of the presentation we will summarize our contributions in the area of cyber-physical systems (CPS). In particular we will introduce MiniCPS, a toolkit for real-time CPS simulation and emulation and its related projects and use cases.

NDSS 2019 YouTube video of the presentation

Wed, 03 Apr 2019 00:00:00 +0000

My NDSS 2019 presentation of Nearby Threats: Reversing‚ Analyzing‚ and Attacking Google’s “Nearby Connections” on Android

The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation of Bluetooth BR/EDR

Mon, 01 Apr 2019 00:00:00 +0000

NDSS 2019 in San Diego

Tue, 26 Feb 2019 11:28:36 +0800

This week I’ve been in San Diego CA for the The Network and Distributed System Security Symposium (NDSS) 2019 conference.

I’ve presented our paper about Nearby Threats: Reversing, Analyzing, and Attacking Google’s ‘Nearby Connections’ on Android.

Please have a look at the slides, at the, Soft AP manipulation PoC and the reddit thread.

CFP: Cyber-Physical System SECurity (CPS-SEC) Workshop 2019

Thu, 14 Feb 2019 00:00:00 +0000

Recently, I’ve accepted the invitation to join the IEEE CPS-SEC workshop TPC. CPS-SEC is co-located with the IEEE CNS conference . From the official website:

The IEEE International Workshop on Cyber-Physical Systems Security (CPS-Sec) will be held in conjunction with the IEEE Conference on Communications and Network Security (CNS) 2019 in Washington, D.C., USA, on 10-12 June, 2019.

Nowadays, the correct functioning of information systems represents a fundamental milestone for the well-being of modern economies and societies. The scientific evolution of digital, analog, and physical components with the interactions between networks created the Cyber-Physical Systems (CPS). Even though the benefits of the cyber and physical world interactions are noticeable, new security challenges have arisen: typical vulnerabilities from the cyber domain emerged in CPS. Cyber-attacks over CPS pose different security challenges. In particular, classic Information Technology (IT) cyber security tools are considered partially or totally ineffective in CPS scenarios because complex cyber-physical attacks could avoid security detection methodologies developed specifically for the IT world. The prevention, detection, and mitigation of cyber-attacks encompass both the physical and the cyber layers of a system: to this end, approaches to securing CPS consider techniques adopted in the physical domain and in the cyber space.

Following the success of the previous editions, the IEEE International Workshop on Cyber-Physical Systems Security 2019 (CPS-Sec 2019) aims to represent a forum for researchers and practitioners from industry and academia interested in the areas of CPS security. CPS-Sec 2019 seeks novel submissions describing practical and theoretical solutions to the cyber-physical security challenges. A submission may represent any CPS domain, including embedded systems, Internet of Things (IoT), Industrial Internet of Things (IIoT), SCADA Systems, Smart-Grid Systems, Critical Infrastructure, Automotive and Transportation Systems, Medical applications.

Important dates:
- Submission Deadline: 15 March, 2019 (extended)
- Notification of Acceptance: 26 March, 2019
- Camera-Ready: 2 April, 2019

Slides

Tue, 05 Feb 2019 00:00:00 +0000

Create slides in Markdown with Wowchemy

Wowchemy | Documentation

Features

Efficiently write slides in Markdown
3-in-1: Create, Present, and Publish your slides
Supports speaker notes
Mobile friendly slides

Controls

Next: Right Arrow or Space
Previous: Left Arrow
Start: Home
Finish: End
Overview: Esc
Speaker notes: S
Fullscreen: F
Zoom: Alt + Click
PDF Export: E

Code Highlighting

Inline code: variable

Code block:

porridge = "blueberry"
if porridge == "blueberry":
    print("Eating...")

Math

In-line math: $x + y = z$

Block math:

$$ f\left( x \right) = ;\frac{{2\left( {x + 4} \right)\left( {x - 4} \right)}}{{\left( {x + 4} \right)\left( {x + 1} \right)}} $$

Fragments

Make content appear incrementally

{{% fragment %}} One {{% /fragment %}}
{{% fragment %}} **Two** {{% /fragment %}}
{{% fragment %}} Three {{% /fragment %}}

Press Space to play!

One **Two** Three

A fragment can accept two optional parameters:

class: use a custom style (requires definition in custom CSS)
weight: sets the order in which a fragment appears

Speaker Notes

Add speaker notes to your presentation

{{% speaker_note %}}
- Only the speaker can read these notes
- Press `S` key to view
{{% /speaker_note %}}

Press the S key to view the speaker notes!

Themes

black: Black background, white text, blue links (default)
white: White background, black text, blue links
league: Gray background, white text, blue links
beige: Beige background, dark text, brown links
sky: Blue background, thin dark text, blue links

night: Black background, thick white text, orange links
serif: Cappuccino background, gray text, brown links
simple: White background, black text, blue links
solarized: Cream-colored background, dark green text, blue links

Custom Slide

Customize the slide style and background

{{< slide background-image="/media/boards.jpg" >}}
{{< slide background-color="#0000FF" >}}
{{< slide class="my-style" >}}

Custom CSS Example

Let’s make headers navy colored.

Create assets/css/reveal_custom.css with:

.reveal section h1,
.reveal section h2,
.reveal section h3 {
  color: navy;
}

Questions?

Ask

Documentation

Reversing and Attacking Google Nearby

Sat, 02 Feb 2019 17:46:49 +0800

In 2019 in a paper titled Nearby Threats: Reversing, Analyzing, and Attacking Google’s ‘Nearby Connections’ on Android we uncovered issues on Nearby Connections, an proprietary Google API included in all Android devices. The API is used to provide proximity-based services using a combination of Bluetooth and Wi-Fi wireless technologies.

We developed an open-sourced REarby, a toolkit to automate reverse engineering and attacking Nearby Connections.

NDSS 2019 Paper Presentation

Nearby Threats: Reversing, Analyzing, and Attacking Google’s ‘Nearby Connections’ on Android

Sat, 02 Feb 2019 00:00:00 +0000

NDSS 2019 camera-ready and PoC attack code

Wed, 23 Jan 2019 00:00:00 +0000

The camera-ready version of Nearby Threats: Reversing‚ Analyzing‚ and Attacking Google’s “Nearby Connections” on Android is available here

We also released a proof of concept code to perform the Soft AP manipulation attack. The code was previously disclosed to Google. In summary, the attack allows a malicious Nearby Connections server (advertiser) to redirect a client to a malicious Internet connected access point. As a result the attacker can reconfigure the wireless network interface of the victim via DHCP and gets access to all the Wi-Fi traffic (even traffic from non Nearby Connections applications).

Academic day_night and search

Sun, 02 Dec 2018 11:28:36 +0800

Recently gcushen updated Academic (the theme that I’m using to build this website with hugo) with two useful features that I recommend to use: day_night and search.

day_night allows the reader to toggle light and dark color themes for the website. If you look at the top navigation bar on the right you should spot an icon with either a moon (to switch to a dark theme) or a sun (to switch to a light theme).

search allows to search the website using keywords such as minicps or rearby. This functionality is accessed by clicking the magnifying glass icon close to the theme switch icon or by using vim-like shortcuts: / enables search and Esc disables it. Currently, this functionality can be supported using built-in Fuse (client-side) or Agolia (server-side). I’m using the first option.

If you are browsing from a mobile device the icons can be found by tapping the global menu icon.

Our Paper is Accepted for NDSS 2019

Thu, 15 Nov 2018 00:00:00 +0000

I’m very happy to announce that our paper titled Nearby Threats: Reversing‚ Analyzing‚ and Attacking Google’s “Nearby Connections” on Android has been accepted for the The Network and Distributed System Security Symposium (NDSS). Here you can download a pre-print. Here is the list of accepted papers for NDSS 2019 Soon I’ll update more material such an exploit PoC code.

Congratulations to Kasper and Nils and thank you for the help.

Visiting Researcher at CISPA, University of Saarbrücken

Thu, 23 Aug 2018 11:28:36 +0800

As part of my PhD I’ve recently joined as a visiting researcher the CISPA – Helmholtz-Zentrum, Saarbruecken 🇩🇪.

I’m going to spend six months there, supervised by Prof. N.O. Tippenhauer.

Taking Control: Design and Implementation of Botnets for Cyber-Physical Attacks with CPSBot

Thu, 26 Apr 2018 00:00:00 +0000

State-Aware Anomaly Detection for Industrial Control Systems

Mon, 05 Mar 2018 00:00:00 +0000

HowTo: Connect to the SUTD's eduroam using (Arch) Linux

Sat, 27 Jan 2018 11:28:36 +0800

After the post about connecting to SUTD’s VPN is now time to connect eduroam! Again, SUTD’s IT support for (Arch) Linux at the time of writing is none.

SUTD runs a setup with only username-password (no certificates required) and the connection can be established using the GUI of NetworkManager. If your WiFi card is on and eduroam is in your range you should see the eduroam SSID on the list of the available WiFi networks. If you attempt to connect then all you need to do is enter your username and password. As usual, PhD student and staff are separated into different namespaces. Use the username [email protected] if you are a staff member or [email protected] if you are a student (xxxxxxx is your 7-digits student id). The password should be the same as the one you are using to connect to the Internet from SUTD.

Your NetworkManager Wi-Fi Security screen should look like this (username and password are obscured):

🐧

HowTo: Connect to the SUTD's VPN using (Arch) Linux as a Student

Sat, 20 Jan 2018 11:28:36 +0800

I’ve recently came across the problem of connecting to the SUTD VPN server from overseas. SUTD’s IT support for (Arch) Linux at the time of writing is none, and after a bit of research I’ve found a quick and easy solution.

SUTD runs Pulse Connect Secure (PCS) server, a commercial solution known as Juniper SSL VPN. Luckily there is an open-source client that supports PCS named OpenConnect. Arch has an openconnect package and a NetworkManager plugin called networkmanager-openconnect. Install both packages trough your package manager.

Then you can use the (user-friendly?) NetworkManager GUI to add the new VPN setup. Use the openconnect profile and all the default options (eg: no need of Realm, and Certificates). Point your Gateway to https://sutdvpn.sutd.edu.sg/dana-na/auth/url_0/welcome.cgi and your GUI screen should look like this:

Then save it and you will be prompted to accept a certificate. Once you accept it you can enter your username (student_id eg: 1001234) and passwords (same as the SUTD_Student network’s one). Once you are connected your GUI should present you a message to confirm that. You can manually check it using ifconfig and route commands. If you encounter problems try to have a look here or post a comment below.

P.S. Thanks to Nils’s post from which I’ve started my research, this post should update it with an easier setup!

🐧

Visiting Researcher at the University of Oxford

Sun, 14 Jan 2018 11:28:36 +0800

As part of my PhD I’ve recently joined as a visiting researcher the Department of Computer Science, University of Oxford 🇬🇧.

I’m going to spend around six months there, supervised by Prof. Kasper Rasmussen and co-supervised by Prof. Ivan Martinovic.

I’m very excited!

SAC 2018

Thu, 21 Dec 2017 11:28:36 +0800

I’m happy to announce that our paper titled State-Aware Anomaly Detection for Industrial Control Systems has been accepted for the Symposium On Applied Computing (SAC) 2018 conference.

Congratulations to Hamid, and the co-authors!

Institutional Email Issue

Sun, 26 Nov 2017 11:28:36 +0800

For some reasons my [email protected] email address was deactivated without notice sometime at the end of October 2017. Unfortunately I’ve discovered it only this week and I’m still trying to reactivate it. I apologize if you recently got an error message while trying to send me an email to that address.

Please use the [email protected] address instead. I ❤️ ✉️

S317: MiniCPS Challenges

Tue, 21 Nov 2017 14:28:36 +0800

I recently open-sourced the code that I developed for the MiniCPS challenges for the SWaT Security Showdown (S3) event in 2017.

Here is the code.

The init.sh contains the list of commands that I run on a local testing machine and on the remote AWS instances that we used during the event. The attackers were provided with the VPN credentials to access two different subnetworks in a mixed MiniCPS simulation eg: water treatment (SWaT) and water distribution (WaDI).

The code is expecting to find the four files (flags) in the /root/flags folder named wadi1, wadi2, flag2, and flag3. Indeed you have to create those files and write the string flags.

The relevant information to start and stop the challenges are in the README.md. In general, I like to use a Makefile as a launcher for the various commands. If you open the file, you will find several targets. To test the challenges locally use:

make local

Please let me know if you find any bugs or missing files.

MiniCPS Framework

Tue, 07 Nov 2017 17:46:49 +0800

MiniCPS is a framework that we developed to simulate/emulate Cyber-Physical Systems, including Industrial Control System. MiniCPS is open source and available on Github. The framework is build on top of Mininet.

We used the framework in several other projects such as the development of novel attacks (e.g., ICS botnets), countermeasures (e.g., high-interaction ICS honeypots), and gamified ICS security competitions (e.g., S3 ICS CTF).

Gamifying ICS Security Training and Research: Design, Implementation, and Results of S3

Wed, 01 Nov 2017 00:00:00 +0000

Practical Evaluation of Passive COTS Eavesdropping in 802.11b/n/ac WLAN

Sat, 07 Oct 2017 00:00:00 +0000

ST Engineering Poster Award at FIRST Industry Workshop 2017

Wed, 26 Jul 2017 11:28:36 +0800

I’m happy to announce that my poster titled Towards high-interaction virtual ICS honeypots-in-a-box won the ST Engineering Poster Award at the FIRST industry workshop, held at SUTD. This is a special gift one day before my 30th birthday! Here I’m sharing a picture from the award ceremony:

Congratulations also to Hamid who won one award:

and Eyasu who managed to win two awards:

Future of Science, Technology and Policy Workshop

Mon, 17 Jul 2017 11:28:36 +0800

Recently I was selected as a mentor for the cybersecurity track of the Future of Science, Technology and Policy Workshop, organized by SMART. I had the privilege to supervision six graduate and post-graduate colleagues with different backgrounds:

Jukka Isohätälä from NUS (Physics and CS)
Nikhil Mallareddy from MIT (Environmental Engineering)
Ioannis Fousekis from ETH (EECS and Economics)
Michael Wicki from ETH (Political sciences and Economics)
Fabian Willibaldf rom ETH (Environmental Engineering)
Jay Prakash from SUTD (EECS)

I’m presenting the summary of our activities of day 2 related to cybersecurity organized at my institution SUTD:

We started knowing about Singapore’s Cyber-Security Agency (CSA). In particular, we were introduced to Singapore cybersecurity strategies and long-term plans.Then we heard the personal story of a cybersecurity startup founder and we discovered common and effective threats in the cybersecurity landscape. Finally, we heard two presentations from two SUTD cybersecurity professors about novel cybersecurity problems and solutions, such as cyber-physical systems, IoT and adversarial machine learning. We understood the importance of education and awareness when talking about cybersecurity.

After lunch we visited SUTD’s world-class cybersecurity facilites. We started from iTrust, SUTD’s cybersecurity research centre. iTrust covers a broad range of topics spanning from theoretical to applied cybersecurity. The range of research area covered spans from traditional computer security to domain-specific areas such as: industrial control systems, Internet of Things, and autonomous vehicles.

iTrust in collaboration with the Singapore government and private industries has developed four state-of-the-art testbeds. Those testbed allow researchers to apply and evaluate their ideas in realistic and safe environment. We now briefly comment of each of the testbed. The Secure Water Treatment testbed is the oldest and it includes advanced sub-processes such as Ultrafiltration and Reverse Osmosis. The water treated by SWaT is one of the sources of the second oldest testbed: the Water Distribution (WaDi) testbed. WaDi is a miniaturized reproduction of a water distribution facility with six consumers tanks with independent demands patters. WaDi can be used to simulated water leakages, water-hammer attacks and water contamination. Both SWaT and WaDi can be powered by EPIC the smart grid testbed. EPIC is the newest and less-know testbed at SUTD and several researchers are actively working to evaluate it. Finally, we visited the Internet-of-Things testbed that includes an anechoic chamber to perform radio tests and several Commercial-Off-The-Shelf devices (such as IP camera, smart thermostats and smart lamps) to recreate a smart home environment.

Overall it was a very rich experience. We understand that coming up with a cybersecurity policy is a hard problem for several independent reasons such as cross-disciplinary knowledge, funding, awareness, and education.

Here I’m sharing a picture with all the participants from SUTD:

More pictures here

Legacy-Compliant Data Authentication for Industrial Control System Traffic

Sat, 01 Jul 2017 00:00:00 +0000

Towards high-interaction virtual ICS honeypots-in-a-box

Fri, 01 Jan 2016 00:00:00 +0000

This paper won the Research excellence award by ST Engineering during the FIRST workshop in 2017.

MiniCPS: A toolkit for security research on CPS networks

Thu, 01 Jan 2015 00:00:00 +0000

Design and Testing of Random Number Generators (RNG)

Tue, 01 Jan 2013 00:00:00 +0000

On-chip lightweight implementation of reduced NIST randomness test suite

Tue, 01 Jan 2013 00:00:00 +0000

Mon, 01 Jan 0001 00:00:00 +0000