Abaphandi bokhuseleko abavela kwi-F-Secure Izitshixo zocango oluhlakaniphile i-KeyWe Smart Tshixo kwaye iveze inzulu , evumela ukusebenzisa yeBluetooth Low Energy kunye neWireshark ukuthintela ukugcwala kwetrafikhi kunye nokukhupha kuyo isitshixo esiyimfihlo esisetyenziselwa ukuvula iqhaga kwi-smartphone.
Ingxaki igxininiswe kukuba izitshixo azixhasi uhlaziyo lwe-firmware kwaye ubungozi buya kulungiswa kuphela kwibhetshi entsha yezixhobo. Abasebenzisi abakhoyo banokususa ingxaki kuphela ngokutshintsha isitshixo okanye ukuyeka ukusebenzisa i-smartphone yabo ukuvula ucango. I-KeyWe itshixa ivenkile ye-155 yeedola kwaye iqhele ukusetyenziswa kwiingcango zokuhlala kunye nezorhwebo. Ukongeza kwisitshixo esiqhelekileyo, isitshixo sinokuvulwa ngesitshixo se-elektroniki ngesicelo seselula kwi-smartphone okanye usebenzisa isongo esinethegi ye-NFC.
Ukukhusela umjelo wonxibelelwano apho imiyalelo idluliselwa kwisicelo seselula, i-algorithm ye-AES-128-ECB isetyenzisiweyo, kodwa isitshixo se-encryption senziwa ngokusekelwe kwizitshixo ezimbini ezinokuqikelelwa - isitshixo esiqhelekileyo kunye nesitshixo esongezelelweyo esibalwe, esinokulula. uzimisele. Iqhosha lokuqala lenziwa ngokusekelwe kwiiparamitha zoqhagamshelwano lweBluetooth njengedilesi ye-MAC, igama lesixhobo kunye neempawu zesixhobo.
I-algorithm yokubala iqhosha lesibini inokumiselwa ngokuhlalutya kwesicelo seselula. Ekubeni ulwazi lokuvelisa izitshixo luyaziwa ekuqaleni, ukubethelwa kusemthethweni kuphela kwaye ukukrazula isitshixo kwanele ukumisela iiparitha zokukhiya, ukunqanda iseshoni yokuvula umnyango kwaye ukhuphe ikhowudi yokufikelela kuyo. I-Toolkit yokuhlalutya umjelo wonxibelelwano ngokutshixa kunye nokumisela izitshixo zokufikelela kwiGitHub.
umthombo: opennet.ru