Practical Man-In-The-Middle Attacks Against Bluetooth Secure Simple Pairing

被引:0
|
作者
Haataja, Keijo [1 ]
Toivanen, Pekka [1 ]
机构
[1] Univ Kuopio, Dept Comp Sci, FIN-70211 Kuopio, Finland
来源
2008 4TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-31 | 2008年
关键词
D O I
暂无
中图分类号
TN [电子技术、通信技术];
学科分类号
0809 ;
摘要
We propose two practical MITM (Man-In-The-Middle) attacks against Bluetooth SSP (Secure Simple Pairing). Our first attack requires some kind of visual contact to the victim devices in order to mislead the user to select a less secure option instead of using a more secure OOB (Out-Of-Band) channel. Our second attack illustrates how widely used Bluetooth headsets and hands-free devices are susceptible to MITM attacks without even requiring the attacker to have visual contact to the victim devices. Moreover, we propose countermeasures that render these attacks impractical although not totally eliminating their potential danger.
引用
收藏
页码:4821 / 4825
页数:5
相关论文
共 50 条
  • [41] A Novel Key Exchange Protocol Provably Secure Against Man-in-the-Middle Attack
    Chowdhury, Abhijit
    Nath, Shubhajit
    Howlader, Jaydeep
    NETWORKS AND COMMUNICATIONS (NETCOM2013), 2014, 284 : 275 - 280
  • [42] Bluetooth Secure Simple Pairing with enhanced security level
    Gajbhiye, Samta
    Karmakar, Sanjeev
    Sharma, Monisha
    Sharma, Sanjay
    JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2019, 44 : 170 - 183
  • [43] Man-in-the-middle attacks on auto-updating software
    Luettmann, Bjoern M.
    Bender, Adam C.
    BELL LABS TECHNICAL JOURNAL, 2007, 12 (03) : 131 - 138
  • [44] Resilient Cooperative Control of Passivity-Short Systems Against Man-in-the-Middle Attacks
    Marasini, Ganesh
    Qu, Zhihua
    Mejia-Ruiz, Gabriel E.
    IFAC PAPERSONLINE, 2024, 58 (30): : 296 - 301
  • [45] Cloak and Dagger: Man-in-The-Middle and Other Insidious Attacks
    Thurimella, Ramakrishna
    Mitchell, William
    INTERNATIONAL JOURNAL OF INFORMATION SECURITY AND PRIVACY, 2009, 3 (03) : 55 - 75
  • [46] Detection of Man-in-the-Middle Attacks on Industrial Control Networks
    Eigner, Oliver
    Kreimel, Philipp
    Tavolato, Paul
    PROCEEDINGS OF 2016 INTERNATIONAL CONFERENCE ON SOFTWARE SECURITY AND ASSURANCE (ICSSA), 2016, : 64 - 69
  • [47] Security and usability aspects of Man-in-the-Middle attacks on ZRTP
    Petraschek, Martin
    Hoeher, Thomas
    Jung, Oliver
    Hlavacs, Helmut
    Gansterer, Wilfried
    JOURNAL OF UNIVERSAL COMPUTER SCIENCE, 2008, 14 (05) : 673 - 692
  • [48] Man-in-the-middle attack on quantum secure communications with authentication
    Lin, Tzu Han
    Hwang, Tzonelish
    QUANTUM INFORMATION PROCESSING, 2014, 13 (04) : 917 - 923
  • [49] Characterizing Wi-Fi Man-In-the-Middle Attacks
    Amoordon, Andy
    Gransart, Christophe
    Deniau, Virginie
    2020 XXXIIIRD GENERAL ASSEMBLY AND SCIENTIFIC SYMPOSIUM OF THE INTERNATIONAL UNION OF RADIO SCIENCE, 2020,
  • [50] Man-in-the-Middle Attacks Against Machine Learning Classifiers Via Malicious Generative Models
    Wang, Derui
    Li, Chaoran
    Wen, Sheng
    Nepal, Surya
    Xiang, Yang
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2021, 18 (05) : 2074 - 2087
12345