Answer
The Bluetooth specification includes an encryption key negotiation protocol that allows encryption keys with 1 byte of entropy to be negotiated, without protecting the integrity of the negotiation process.
A remote attacker can manipulate the entropy negotiation to make any standard-compliant Bluetooth device negotiate encryption keys with 1 byte of entropy, and then brute-force the low-entropy keys in real time.
With the 7.1.0.9 release for the ST60/SU60, all options including USB-USB have addressed and resolved the KNOB attack vulnerability.
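The negotiation weakness described above can be seen in a simplified model. This is an added example, not Bluetooth stack code or ST60/SU60 firmware; the `Device` class, the `tamper` hook and the 7-byte minimum are assumptions chosen for illustration.

```python
"""Simplified model of encryption key size negotiation (illustrative only)."""

SPEC_MIN, SPEC_MAX = 1, 16   # key sizes in bytes; 1 is the low-entropy case above
POLICY_MIN = 7               # assumed local policy value, not taken from the page


class Device:
    """A peer that accepts any key size between min_size and max_size bytes."""

    def __init__(self, name, min_size=SPEC_MIN, max_size=SPEC_MAX):
        self.name, self.min_size, self.max_size = name, min_size, max_size

    def propose(self):
        # Each side starts by offering the largest size it supports.
        return self.max_size

    def respond(self, proposed):
        # Accept, shrink to our own maximum, or refuse (None) if below our minimum.
        if proposed < self.min_size:
            return None
        return min(proposed, self.max_size)


def negotiate(initiator, responder, tamper=lambda size: size):
    """Return the agreed key size in bytes, or None if either side refuses.

    `tamper` models a change made in transit: nothing in the exchange
    authenticates the proposed size, so neither peer can detect it.
    """
    proposed = tamper(initiator.propose())
    agreed = responder.respond(proposed)
    if agreed is None or agreed < initiator.min_size:
        return None
    return agreed


def keyspace(size_bytes):
    """Number of candidate keys for a key with size_bytes bytes of entropy."""
    return 2 ** (8 * size_bytes)


if __name__ == "__main__":
    force_one = lambda size: 1   # constructed stand-in for the manipulated proposal
    weak = negotiate(Device("A"), Device("B"), tamper=force_one)
    print("compliant peers agree on", weak, "byte ->", keyspace(weak), "keys")
    safe = negotiate(Device("A", POLICY_MIN), Device("B", POLICY_MIN), tamper=force_one)
    print("peers enforcing a minimum:", "refused" if safe is None else safe)
```

A peer that enforces its own minimum key size refuses the downgraded proposal no matter what the other side accepts, which is why a local minimum-size check works even though the negotiation itself stays unauthenticated.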