MakeShift: Security Analysis of Shimano Di2 Wireless Gear Shifting in Bicycles
The bicycle industry is increasingly adopting wireless gear-shifting technology for its advantages in performance and design. In this paper, we explore the security of these systems, focusing on Shimano's Di2 technology, a market leader in the space. Through a blackbox analysis of Shimano's proprietary wireless protocol, we uncovered the following critical vulnerabilities: (1) A lack of mechanisms to prevent replay attacks that allows an attacker to capture and retransmit gear shifting commands;