During a Bluetooth assessment, you observe two laptops that have already been paired with Secure Simple Pairing (SSP). To eavesdrop on their future Classic Bluetooth traffic, you plan to interfere with the next encryption setup so both devices agree on a trivially short one-byte session key that you can brute-force almost instantly. Which specific Bluetooth attack enables this key-length downgrade strategy?
Trigger the BlueBorne remote code execution vector
Exploit the BIAS (Bluetooth Impersonation AttackS) vulnerability
Perform a KNOB (Key Negotiation of Bluetooth) attack
The KNOB (Key Negotiation of Bluetooth) attack exploits a flaw in the Bluetooth specification that allows an active man-in-the-middle to shorten the negotiated encryption key to as little as one byte during the LMP encryption-key-length negotiation phase that occurs when two already-bonded devices reconnect. With such a weak key, the attacker can quickly brute-force the key and decrypt subsequent traffic.
BlueSnarfing targets data theft via the OBEX protocol but does not manipulate encryption keys. The BIAS attack lets an adversary impersonate a previously paired device by skipping mutual authentication, not by downgrading key length. BlueBorne is a collection of remote-code-execution vulnerabilities in Bluetooth stacks; it does not focus on key-length manipulation. Therefore, only the KNOB attack matches the described objective.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the Key Negotiation of Bluetooth (KNOB) attack?
Open an interactive chat with Bash
How does the KNOB attack differ from BlueSnarfing?
Open an interactive chat with Bash
What type of devices are vulnerable to the KNOB attack?
Open an interactive chat with Bash
What is the KNOB attack in Bluetooth security?
Open an interactive chat with Bash
How does the encryption-key-length negotiation phase work in Classic Bluetooth?
Open an interactive chat with Bash
How is the KNOB attack different from BlueSnarfing or BlueBorne?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Wireless Network Hacking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .