If an attacker attempts to impersonate a Logi Bolt wireless product to communicate with the Logi Bolt USB Receiver via RF, does the USB Receiver accept that input?
The usage of Secure Connections Only mode (Security Mode 1, Security Level 4) ensures that the communication is encrypted and authenticated. This means that there is a protection against on-path attackers which mitigates the risk of keystroke injection.
* Today there is no known attack on the Bluetooth Low Energy standard
For the Logi Bolt USB Receiver to accept input, does the input need to be encrypted?
Yes, the usage of Secure Connections Only mode (Security Mode 1, Security Level 4) ensures that the communication is encrypted and authenticated.
Is there a means for an attacker to derive or steal the per-device link-encryption keys that pair the wireless product to the USB Receiver from RF enabling the attacker to inject arbitrary keystrokes or eavesdrop and live decrypt input remotely?
Sensitive data like link encryption keys are protected when stored on the Logi Bolt USB receiver.
With the LE Secure Connection (Security Mode 1, Security Level 2 and above), the Long Term Key (LTK) is generated on both sides in such a way that an eavesdropper cannot guess it (Diffie-Hellman key exchange).
Can a remote attacker pair a new Logi Bolt wireless product to a Logi Bolt receiver, even if the user has not put the Logi Bolt USB receiver into pairing mode?
The receiver has to be in pairing mode to accept a new pairing .
Moreover, even if an attacker tricks the user to put the receiver in pairing mode, we included a software-enable capability that alerts on the host monitor that there has been a change in the USB receiver to which the wireless device is paired (alarm notification).