Title :
Two practical man-in-the-middle attacks on Bluetooth secure simple pairing and countermeasures
Author :
Haataja, Keijo ; Toivanen, Pekka
Author_Institution :
Dept. of Comput. Sci., Univ. of Kuopio, Kuopio, Finland
fDate :
1/1/2010 12:00:00 AM
Abstract :
We propose two new Man-In-The-Middle (MITM) attacks on Bluetooth Secure Simple Pairing (SSP). The attacks are based on the falsification of information sent during the input/output capabilities exchange and also the fact that the security of the protocol is likely to be limited by the capabilities of the least powerful or the least secure device type. In addition, we devise countermeasures that render the attacks impractical, as well as improvements to the existing Bluetooth SSP in order to make it more secure. Moreover, we provide a comparative analysis of the existing MITM attacks on Bluetooth.
Keywords :
Bluetooth; security of data; telecommunication security; wireless channels; Bluetooth secure simple pairing; information falsification; man-in-the-middle attacks; out-of-band channel; wireless security; Bluetooth; Communication system security; Helium; Information security; Mobile handsets; Optical fiber communication; Personal area networks; Protocols; Radio frequency; Wireless communication; Bluetooth, man-in-the-middle attack; out-of-band channel; secure simple pairing, wireless security;
Journal_Title :
Wireless Communications, IEEE Transactions on
DOI :
10.1109/TWC.2010.01.090935
