(Small) bias in generation of random passkeys for pairing

From: Pavel Machek
Date: Wed Jun 19 2019 - 12:30:07 EST


There's a (small) bias in passkey generation in bluetooth:

get_random_bytes(&passkey, sizeof(passkey));
passkey %= 1000000;
put_unaligned_le32(passkey, smp->tk);

(there are at least two places doing this).

All passkeys are not of same probability, passkey "000000" is more
probable than "999999", but difference is small.

Do we care?
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Attachment: signature.asc
Description: Digital signature