Practical Man-In-The-Middle Attacks Against Bluetooth Secure Simple Pairing

被引:0
|
作者
Haataja, Keijo [1 ]
Toivanen, Pekka [1 ]
机构
[1] Univ Kuopio, Dept Comp Sci, FIN-70211 Kuopio, Finland
来源
2008 4TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-31 | 2008年
关键词
D O I
暂无
中图分类号
TN [电子技术、通信技术];
学科分类号
0809 ;
摘要
We propose two practical MITM (Man-In-The-Middle) attacks against Bluetooth SSP (Secure Simple Pairing). Our first attack requires some kind of visual contact to the victim devices in order to mislead the user to select a less secure option instead of using a more secure OOB (Out-Of-Band) channel. Our second attack illustrates how widely used Bluetooth headsets and hands-free devices are susceptible to MITM attacks without even requiring the attacker to have visual contact to the victim devices. Moreover, we propose countermeasures that render these attacks impractical although not totally eliminating their potential danger.
引用
收藏
页码:4821 / 4825
页数:5
相关论文
共 50 条
  • [31] Authenticated Key Exchange Provably Secure Against the Man-in-the-Middle Attack
    Anna M. Johnston
    Peter S. Gemmell
    Journal of Cryptology, 2002, 15 : 139 - 148
  • [32] AMOGAP: Defending Against Man-in-the-Middle and Offline Guessing Attacks on Passwords
    Shen, Jaryn
    Yuen, Timothy T.
    Choo, Kim-Kwang Raymond
    Zeng, Qingkai
    INFORMATION SECURITY AND PRIVACY, ACISP 2019, 2019, 11547 : 514 - 532
  • [33] Authenticated key exchange provably secure against the man-in-the-middle attack
    Johnston, AM
    Gemmell, PS
    JOURNAL OF CRYPTOLOGY, 2002, 15 (02) : 139 - 148
  • [34] Analyzing the technique of a man-in-the-middle attack based on Bluetooth
    Qin, Xiang-Lin
    Harbin Gongye Daxue Xuebao/Journal of Harbin Institute of Technology, 2005, 37 (08): : 1159 - 1162
  • [35] Detecting Man-in-the-Middle Attacks by Precise Timing
    Aziz, Benjamin
    Hamilton, Geoff
    2009 THIRD INTERNATIONAL CONFERENCE ON EMERGING SECURITY INFORMATION, SYSTEMS, AND TECHNOLOGIES, 2009, : 81 - +
  • [36] Resilient Control in the Presence of Man-in-the-Middle Attacks
    Griffioen, Paul
    Romagnoli, Raffaele
    Krogh, Bruce H.
    Sinopoli, Bruno
    2021 AMERICAN CONTROL CONFERENCE (ACC), 2021, : 4553 - 4560
  • [37] Discovering man-in-the-middle attacks in authentication protocols
    Guha, Ratan K.
    Furqan, Zeeshan
    Muhammad, Shahabuddin
    2007 IEEE MILITARY COMMUNICATIONS CONFERENCE, VOLS 1-8, 2007, : 3654 - 3660
  • [38] Towards Securing Client-Server Connections against Man-in-the-Middle Attacks
    Ordean, Mihai
    Giurgiu, Mircea
    2012 10TH INTERNATIONAL SYMPOSIUM ON ELECTRONICS AND TELECOMMUNICATIONS, 2012, : 127 - 130
  • [39] Preemptive Image Robustification for Protecting Users against Man-in-the-Middle Adversarial Attacks
    Moon, Seungyong
    An, Gaon
    Song, Hyun Oh
    THIRTY-SIXTH AAAI CONFERENCE ON ARTIFICIAL INTELLIGENCE / THIRTY-FOURTH CONFERENCE ON INNOVATIVE APPLICATIONS OF ARTIFICIAL INTELLIGENCE / TWELVETH SYMPOSIUM ON EDUCATIONAL ADVANCES IN ARTIFICIAL INTELLIGENCE, 2022, : 7823 - 7830
  • [40] Android Forensics: Investigating Social Networking Cybercrimes against Man-in-the-Middle Attacks
    Al Zaabi, Khulood Ali
    2016 CYBERSECURITY AND CYBERFORENSICS CONFERENCE (CCC), 2016, : 48 - 54
12345