Is Bluetooth Low Energy (BLE) still secure?
Some time ago, Bluetooth was hit by a severe exploit (the KNOB attack) that rendered its encryption pretty much useless. Publishers like the German Heise summarized it in an article* as an issue in the firmware of the Bluetooth radio affecting BR/EDR only. Therefore, BLE appears to be still secure. My question is whether that's really the case, and whether I can assume data-stream connections using BLE's L2CAP to be a secure communication channel (working encryption). Moreover, is such a connection secured against typical MITM attacks like replay attacks, etc.?
jeanid last edited by
I found the answer. It's insecure. Both classic and LE are affected by the KNOB attack, and the session key can be downgraded. See https://francozappa.github.io/publication/knob-ble/
So, make sure to use another extra TLS layer ...
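The downgrade mentioned in the answer above concerns the encryption key size that the two devices negotiate during BLE pairing. As an added example (not part of the original posts), the following Python code parses the 7-octet SMP Pairing Request/Response PDUs and flags a negotiated key size below a required minimum; the function names and sample PDUs are constructed for illustration.

```python
import struct

# SMP opcodes and key-size bounds as defined by the Bluetooth Core Specification.
PAIRING_REQUEST, PAIRING_RESPONSE = 0x01, 0x02
KEY_SIZE_MIN, KEY_SIZE_MAX = 7, 16  # octets; 16 octets = full 128-bit key


def parse_pairing_pdu(pdu: bytes) -> dict:
    """Parse an SMP Pairing Request or Pairing Response (always 7 octets)."""
    if len(pdu) != 7:
        raise ValueError("pairing PDU must be exactly 7 octets")
    code, io_cap, oob, auth_req, max_key, init_kd, resp_kd = struct.unpack("7B", pdu)
    if code not in (PAIRING_REQUEST, PAIRING_RESPONSE):
        raise ValueError(f"not a pairing request/response: code 0x{code:02x}")
    if not KEY_SIZE_MIN <= max_key <= KEY_SIZE_MAX:
        raise ValueError(f"maximum key size {max_key} is outside 7..16")
    return {"code": code, "io_cap": io_cap, "oob": oob, "auth_req": auth_req,
            "max_key_size": max_key, "init_kd": init_kd, "resp_kd": resp_kd}


def check_pairing(request: bytes, response: bytes, required: int = KEY_SIZE_MAX):
    """Return (negotiated_key_size, acceptable) for one pairing exchange.

    The negotiated size is the smaller of the two advertised maxima, so a
    single lowered field is enough to reduce the key entropy for the link.
    """
    req = parse_pairing_pdu(request)
    rsp = parse_pairing_pdu(response)
    if req["code"] != PAIRING_REQUEST or rsp["code"] != PAIRING_RESPONSE:
        raise ValueError("expected a Pairing Request followed by a Pairing Response")
    size = min(req["max_key_size"], rsp["max_key_size"])
    return size, size >= required


# Constructed sample PDUs (not captured traffic).
REQ = bytes.fromhex("0104002d100f0f")       # initiator offers 16 octets
RSP_FULL = bytes.fromhex("0203000d100f0f")  # responder offers 16 octets
RSP_WEAK = bytes.fromhex("0203000d070f0f")  # responder field lowered to 7 octets

if __name__ == "__main__":
    for name, rsp in (("full", RSP_FULL), ("weak", RSP_WEAK)):
        size, ok = check_pairing(REQ, rsp)
        print(f"{name}: negotiated {size} octets -> {'accept' if ok else 'REJECT'}")
```

A host that enforces `required=16` refuses the second exchange instead of encrypting the link with a 7-octet key.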