LE Secure Connections Pairing Phase 2

Hi, Master:

In BT core_v5.0 2.3.5.6.3 Authentication Stage 1 – Passkey Entry, as shown in the figure below

Question: Why does the process loop 20 times, verifying one bit each time?

Assuming eavesdropping by capturing packets:

Loop 20 times: Cai = f4(Pka, Pkb, Nai, rai). Since Pka, Pkb and Nai are known, rai is either 0x80 or 0x81. It is easy to crack rai by substituting it into f4, with at most two trials. Then, using the parameters obtained in each loop, you can test up to 40 times to obtain the final ra, that is, the passkey. So the probability of enumerating the passkey is much higher than the Legacy Pairing probability (1/1000000).

Thank you very much!
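As an added example (not from the original post and not Bluetooth SIG code), a simulation of the 20-round Stage 1 exchange described above, so the observation in the question can be checked on a transcript: f4 is replaced by an HMAC-SHA256 stand-in with the same U || V || Z input shape (an assumption, not the spec's AES-CMAC), and the public-key X coordinates are constructed 32-byte placeholders. It also shows the other side of the per-bit design: when the two passkeys differ, the exchange is rejected at the first round whose bit does not match.

```python
import os, hmac, hashlib

def f4(U: bytes, V: bytes, X: bytes, Z: bytes) -> bytes:
    """Spec shape: f4(U, V, X, Z) = AES-CMAC_X(U || V || Z), 128-bit output.
    Stand-in assumption: HMAC-SHA256 keyed with X, truncated to 128 bits,
    used only so the example runs without an AES-CMAC library."""
    assert len(U) == 32 and len(V) == 32 and len(X) == 16 and len(Z) == 1
    return hmac.new(X, U + V + Z, hashlib.sha256).digest()[:16]

def stage1_passkey_entry(PKa: bytes, PKb: bytes, passkey_a: int, passkey_b: int):
    """Run the 20-round Authentication Stage 1 (Passkey Entry). A holds
    passkey_a, B holds passkey_b. Returns what an observer of the link sees
    per round (Cai, Cbi, Nai, Nbi); raises ValueError at the first round in
    which a commitment check fails."""
    assert 0 <= passkey_a < 1 << 20 and 0 <= passkey_b < 1 << 20
    transcript = []
    for i in range(20):
        rai = bytes([0x80 | ((passkey_a >> i) & 1)])  # rai = 0x80 || bit i of ra
        rbi = bytes([0x80 | ((passkey_b >> i) & 1)])  # rbi = 0x80 || bit i of rb
        Nai, Nbi = os.urandom(16), os.urandom(16)    # fresh 128-bit nonces
        Cai = f4(PKa, PKb, Nai, rai)                 # A -> B: commitment
        Cbi = f4(PKb, PKa, Nbi, rbi)                 # B -> A: commitment
        # A -> B: Nai. B recomputes with its own rbi and must get Cai.
        if Cai != f4(PKa, PKb, Nai, rbi):
            raise ValueError(f"round {i}: B rejects A's commitment")
        # B -> A: Nbi. A recomputes with its own rai and must get Cbi.
        if Cbi != f4(PKb, PKa, Nbi, rai):
            raise ValueError(f"round {i}: A rejects B's commitment")
        transcript.append((Cai, Cbi, Nai, Nbi))
    return transcript

def bits_fixed_by_transcript(PKa: bytes, PKb: bytes, transcript) -> int:
    """The point raised in the question: once Nai is on the air, Cai is
    consistent with exactly one of the two possible rai values (0x80 or 0x81),
    so each round pins down one bit for a passive observer of the link."""
    value = 0
    for i, (Cai, _, Nai, _) in enumerate(transcript):
        matches = [z for z in (0x80, 0x81) if f4(PKa, PKb, Nai, bytes([z])) == Cai]
        assert len(matches) == 1, "exactly one rai value matches Cai"
        value |= (matches[0] & 1) << i
    return value

if __name__ == "__main__":
    PKa, PKb = os.urandom(32), os.urandom(32)  # constructed public-key X coordinates
    t = stage1_passkey_entry(PKa, PKb, 123456, 123456)
    print(bits_fixed_by_transcript(PKa, PKb, t))  # -> 123456
```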
