Uploaded image for project: 'Embedded Software & Tools'
  1. Embedded Software & Tools
  2. EXT_EP-10617

[Errata 17113] Impersonation the Passkey Entry Protocol -- do not except the same x coordinate of the public key during pairing

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: High High
    • SimpleLink CC2640R2 SDK BLE Stack
    • BLESTACK-5554
    • BLE Stack 3.3.7 RC1
    • Hide
      BLE Stack 3.3.8
      BLE Stack 3.3.8 RC1
      Show
      BLE Stack 3.3.8 BLE Stack 3.3.8 RC1

      Description:

      • The proposed mitigation for Impersonation in the Passkey Entry Protocol vulnerability is to reject the peer public key in case it is identical to the local public key (E15668).
      • The above is not enough because the f4 function that is used to produce the verification code only uses the X coordinate value.
      • By looking at the ECDH formula, Y^2 = X^3 + aX + b there are two potential coordinates Y for every coordinate X.
      • That is, if an adversary sends another point that is on the curve and has the same X coordinate instead of simply reflecting the (X,Y) coordinate, its original purpose E15668 tries to achieve will fail. 

      Recommendations:

      • Reject the peer public key in case it has the same X-axis value as the local public key

            syncuser TI User
            syncuser TI User
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: