Bluetooth: host: Mark the option BT_FIXED_PASSKEY as insecure
Mark the option BT_FIXED_PASSKEY as an insecure option. During Legacy pairing the passkey is used as encryption key, and brute-forcing this is easy. During LE Secure Connections the passkey is checked one bit at a time, so when it is fixed the passkey can be deduced with series of pairing attempts. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This commit is contained in:
Joakim Andersson
Anas Nashif
parent
b9695c07cd
commit
97d59a7c6d
2 changed files with 7 additions and 0 deletions
|
|
@ -50,6 +50,7 @@ BT_HFP_HF,n,experimental
|
|||
BT_RFCOMM,n,experimental
|
||||
BT_DEBUG_SMP,n
|
||||
BT_OOB_DATA_FIXED,n
|
||||
BT_FIXED_PASSKEY,n
|
||||
BT_DEBUG_KEYS,n
|
||||
BT_USE_DEBUG_KEYS,n
|
||||
BT_STORE_DEBUG_KEYS,n
|
||||
|
|
|
|||
|
Can't render this file because it has a wrong number of fields in line 44.
|
|
|
@ -74,6 +74,12 @@ if(CONFIG_BT_DEBUG_SMP OR CONFIG_BT_DEBUG_KEYS)
|
|||
production."
|
||||
)
|
||||
endif()
|
||||
if(CONFIG_BT_FIXED_PASSKEY)
|
||||
message(WARNING "CONFIG_BT_FIXED_PASSKEY is enabled
|
||||
A fixed passkey is easy to deduce during the pairing procedure, do not use in
|
||||
production."
|
||||
)
|
||||
endif()
|
||||
if(CONFIG_BT_OOB_DATA_FIXED)
|
||||
message(WARNING "CONFIG_BT_OOB_DATA_FIXED is enabled.
|
||||
A hardcoded OOB data set will be stored in the image, do not use in
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue