Practical Man-In-The-Middle Attacks Against Bluetooth Secure Simple Pairing

被引:0
|
作者
Haataja, Keijo [1 ]
Toivanen, Pekka [1 ]
机构
[1] Univ Kuopio, Dept Comp Sci, FIN-70211 Kuopio, Finland
来源
2008 4TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-31 | 2008年
关键词
D O I
暂无
中图分类号
TN [电子技术、通信技术];
学科分类号
0809 ;
摘要
We propose two practical MITM (Man-In-The-Middle) attacks against Bluetooth SSP (Secure Simple Pairing). Our first attack requires some kind of visual contact to the victim devices in order to mislead the user to select a less secure option instead of using a more secure OOB (Out-Of-Band) channel. Our second attack illustrates how widely used Bluetooth headsets and hands-free devices are susceptible to MITM attacks without even requiring the attacker to have visual contact to the victim devices. Moreover, we propose countermeasures that render these attacks impractical although not totally eliminating their potential danger.
引用
收藏
页码:4821 / 4825
页数:5
相关论文
共 50 条
  • [1] Two Practical Man-In-The-Middle Attacks on Bluetooth Secure Simple Pairing and Countermeasures
    Haataja, Keijo
    Toivanen, Pekka
    IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS, 2010, 9 (01) : 384 - 392
  • [2] Nino Man-In-The-Middle attack on Bluetooth Secure Simple Pairing
    Hypponen, Konstantin
    Haataja, Keijo M. J.
    2007 THIRD IEEE/IFIP INTERNATIONAL CONFERENCE IN CENTRAL ASIA ON INTERNET, 2007, : 64 - 68
  • [3] Man-in-the-Middle Attack and Its Countermeasure in Bluetooth Secure Simple Pairing
    Mutchukota, Thrinatha R.
    Panigrahy, Saroj Kumar
    Jena, Sanjay Kumar
    COMPUTER NETWORKS AND INTELLIGENT COMPUTING, 2011, 157 : 367 - 376
  • [4] Man-in-the-middle attacks on Secure Simple Pairing in Bluetooth standard V5.0 and its countermeasure
    Da-Zhi Sun
    Yi Mu
    Willy Susilo
    Personal and Ubiquitous Computing, 2018, 22 : 55 - 67
  • [5] Man-in-the-middle attacks on Secure Simple Pairing in Bluetooth standard V5.0 and its countermeasure
    Sun, Da-Zhi
    Mu, Yi
    Susilo, Willy
    PERSONAL AND UBIQUITOUS COMPUTING, 2018, 22 (01) : 55 - 67
  • [6] Mobile Authentication Secure Against Man-In-The-Middle Attacks
    Bicakci, Kemal
    Unal, Devrim
    Ascioglu, Nadir
    Adalier, Oktay
    9TH INTERNATIONAL CONFERENCE ON FUTURE NETWORKS AND COMMUNICATIONS (FNC'14) / THE 11TH INTERNATIONAL CONFERENCE ON MOBILE SYSTEMS AND PERVASIVE COMPUTING (MOBISPC'14) / AFFILIATED WORKSHOPS, 2014, 34 : 323 - 329
  • [7] Bluetooth Man-In-The-Middle Attack Based on Secure Simple Pairing using Out of Band Association Model
    Sharmila, D.
    Neelaveni, R.
    Kiruba, K.
    PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON CONTROL, AUTOMATION, COMMUNICATION AND ENERGY CONSERVATION INCACEC 2009 VOL 1, 2009, : 353 - +
  • [8] The design and implementation of a secure CAPTCHA against man-in-the-middle attacks
    Petrillo, Umberto Ferraro
    Mastroianni, Giovanni
    Visconti, Ivan
    SECURITY AND COMMUNICATION NETWORKS, 2014, 7 (08) : 1199 - 1209
  • [9] Secure Messaging Authentication against Active Man-in-the-Middle Attacks
    Dowling, Benjamin
    Hale, Britta
    2021 IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY (EUROS&P 2021), 2021, : 54 - 70
  • [10] Identification Schemes of Proofs of Ability Secure against Concurrent Man-in-the-Middle Attacks
    Anada, Hiroaki
    Arita, Seiko
    PROVABLE SECURITY, 2010, 6402 : 18 - 34
12345