Practical Man-In-The-Middle Attacks Against Bluetooth Secure Simple Pairing

被引:0
|
作者
Haataja, Keijo [1 ]
Toivanen, Pekka [1 ]
机构
[1] Univ Kuopio, Dept Comp Sci, FIN-70211 Kuopio, Finland
来源
2008 4TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-31 | 2008年
关键词
D O I
暂无
中图分类号
TN [电子技术、通信技术];
学科分类号
0809 ;
摘要
We propose two practical MITM (Man-In-The-Middle) attacks against Bluetooth SSP (Secure Simple Pairing). Our first attack requires some kind of visual contact to the victim devices in order to mislead the user to select a less secure option instead of using a more secure OOB (Out-Of-Band) channel. Our second attack illustrates how widely used Bluetooth headsets and hands-free devices are susceptible to MITM attacks without even requiring the attacker to have visual contact to the victim devices. Moreover, we propose countermeasures that render these attacks impractical although not totally eliminating their potential danger.
引用
收藏
页码:4821 / 4825
页数:5
相关论文
共 50 条
  • [21] Man in the middle attacks on Bluetooth
    Kügler, D
    FINANCIAL CRYPTOGRAPHY, PROCEEDINGS, 2003, 2742 : 149 - 161
  • [22] Impact of Man-In-The-Middle Attacks on Ethereum
    Ekparinya, Parinya
    Gramoli, Vincent
    Jourjon, Guillaume
    2018 IEEE 37TH INTERNATIONAL SYMPOSIUM ON RELIABLE DISTRIBUTED SYSTEMS (SRDS), 2018, : 11 - 20
  • [23] Taxonomy of Man-in-the-Middle Attacks on HTTPS
    Stricot-Tarboton, Shaun
    Chaisiri, Sivadon
    Ko, Ryan K. L.
    2016 IEEE TRUSTCOM/BIGDATASE/ISPA, 2016, : 527 - 534
  • [24] Monitoring WLANs for man-in-the-middle attacks
    Harshini, NL
    Sridhar, G
    Sridhar, V
    PROCEEDINGS OF THE IASTED INTERNATIONAL CONFERENCE ON PARALLEL AND DISTRIBUTED COMPUTING AND NETWORKS, 2004, : 210 - 215
  • [25] Trusted-HB:: A low-cost version of HB+ secure against man-in-the-middle attacks
    Bringer, Julien
    Chabanne, Herve
    IEEE TRANSACTIONS ON INFORMATION THEORY, 2008, 54 (09) : 4339 - 4342
  • [26] Feasibility of the interlock protocol against man-in-the-middle attacks on quantum cryptography
    Svozil, K
    INTERNATIONAL JOURNAL OF QUANTUM INFORMATION, 2005, 3 (04) : 649 - 654
  • [27] DoubleCheck: Multi-path Verification Against Man-in-the-Middle Attacks
    Alicherry, Mansoor
    Keromytis, Angelos D.
    ISCC: 2009 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS, VOLS 1 AND 2, 2009, : 556 - 562
  • [28] Defending Multi-Cloud Applications Against Man-in-the-Middle Attacks
    Reece, Morgan
    Lander, Theodore
    Mittal, Sudip
    Rastogi, Nidhi
    Dykstra, Josiah
    Sampson, Andy
    PROCEEDINGS OF THE 29TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, SACMAT 2024, 2024, : 47 - 52
  • [29] MPTCP robustness against large-scale man-in-the-middle attacks
    Phung, Chi-Dung
    Silva, Benevid Felix
    Nogueira, Michele
    Secci, Stefano
    COMPUTER NETWORKS, 2019, 164
  • [30] A Precise Model to Secure Systems on Ethernet Against Man-In-The-Middle Attack
    Salim, Haider
    Li, Zhitang
    IT PROFESSIONAL, 2021, 23 (01) : 72 - 85
12345