&amp;#x201C;Nino&amp;#x201D; man-in-the-middle attack on bluetooth secure simple pairing

Hyppönen, Konstantin; Haataja, Keijo

doi:10.1109/canet.2007.4401672

Cited by 37 publications

(34 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SSP uses four association models: OOB, Numeric Comparison, Passkey Entry, and Just Works (see Chap. However, it has been shown that MITM attacks against Bluetooth 2.1+EDR/3.0+HS/4.0 devices are possible by forcing the victim devices to use the Just Works association model [2,[9][10][11][12][13][14][15][16][17][18][19][20][21][22][23] (see Chap. The choice of association model depends on the device's IO capabilities (see Table 2.1 in Chap.…”

Section: Weaknesses In Association Models Of Sspmentioning

confidence: 99%

“…The attacking device is set to require authentication and encryption for each connection with the printer (see rows [14][15]. After the successful authentication with the printer (see rows [19][20][21][22][23][24][25], the attacking device abuses it by printing funny pictures, dozens of pages of random text, and various hoax documents (see rows [26][27][28]. After the successful authentication with the printer (see rows [19][20][21][22][23][24][25], the attacking device abuses it by printing funny pictures, dozens of pages of random text, and various hoax documents (see rows [26][27][28].…”

Section: Multithreatsmentioning

confidence: 99%

“…Our security analysis tool supports the automatic discovery and recognition of Bluetoothenabled printers in range. Finally, the attacking device simultaneously denies all legitimate printer users access to all four Bluetooth-enabled printers (see rows [17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34] [2,69]. If several Bluetooth-enabled printers are detected, several Bluetooth USB dongles will also automatically be used in parallel, i.e., one Bluetooth USB dongle is used for each detected Bluetooth-enabled printer.…”

Section: Multithreatsmentioning

confidence: 99%

See 2 more Smart Citations

Bluetooth Security Attacks

Haataja¹,

Hyppönen²,

Pasanen³

et al. 2013

SpringerBriefs in Computer Science

View full text Add to dashboard Cite

Section: Weaknesses In Association Models Of Sspmentioning

confidence: 99%

Section: Multithreatsmentioning

confidence: 99%

Section: Multithreatsmentioning

confidence: 99%

See 1 more Smart Citation

Bluetooth Security Attacks

Haataja¹,

Hyppönen²,

Pasanen³

et al. 2013

SpringerBriefs in Computer Science

View full text Add to dashboard Cite

“…This is because even if the user correctly checks that the numbers displayed on both devices are equal, they may not necessarily be involved in the same intended session. Haataja et al [7][8][9][10] exploited the fact that prior to SSP the devices exchange their respective input/output capabilities without any authentication, and so describe that one could modify these exchange messages to force devices to use the Just Works (JW) association model whose SSP is not designed to resist MitM attacks, thus leading to an MitM attack on the devices. Raphael and Patrick [3] have done an extensive analysis of the different association models with respect to secure simple pairing in Bluetooth 4.0 for both (BR/EDR) and LE operational modes.…”

Section: Related Workmentioning

confidence: 99%

Analysis of Bluetooth threats and v4.0 security features

Sandhya¹,

Devi²

2012

2012 International Conference on Computing, Communication and Applications

View full text Add to dashboard Cite

The advent of Bluetooth technology has made wireless communication easier. Any new invention or improvement is viewed very closely by people who are looking to gain information in an unauthorized manner. Security in any area is given more importance as it leads to better product and satisfied customers. The initial days of any technological invention is more challenging as they deal with new issues every day. The product/ invention needs to keep evolving to address the growing list of new features requirement and handling of security issues. Bluetooth security has evolved a lot with different versions of blue tooth. Keeping in mind the growing list of Bluetooth products in the market, there has been lot of improvements done in the version 4.0 of Bluetooth. The LE (Low Energy) operational mode which is new in version 4.0 has slightly different security association models. In this paper, a review of the recent studies in the analysis of Bluetooth security issues and new security features of v4.0 is done. Specifically the paper covers secure simple pairing in Bluetooth normal mode and low energy mode. For each threat, the particular issues are addressed and a review of major approaches to improve security of Bluetooth communication using secure simple pairing is discussed.

show abstract

“…This is because even if the user correctly checks that the numbers displayed on both devices are equal, they may not necessarily be involved in the same intended session. Haataja et al [10,11,8,9] exploited the fact that prior to SSP the devices exchange their respective input/output capabilities without any authentication, and so describe that one could modify these exchange messages to force devices to use the Just Works (JW) association model whose SSP is not designed to resist MitM attacks, thus leading to an MitM attack on the devices.…”

Section: Related Workmentioning

confidence: 99%

Analyzing the Secure Simple Pairing in Bluetooth v4.0

Phan

Mingard

2010

Wireless Pers Commun

View full text Add to dashboard Cite

This paper analyzes the security of Bluetooth v4.0's Secure Simple Pairing (SSP) protocol, for both the Bluetooth Basic Rate / Enhanced Data Rate (BR/EDR) and Bluetooth Low Energy (LE) operational modes. Bluetooth v4.0 is the latest version of a wireless communication standard for low-speed and low-range data transfer among devices in a human's PAN. It allows increased network mobility among devices such as headsets, PDAs, wireless keyboards and mice. A pairing process is initiated when two devices desire to communicate, and this pairing needs to correctly authenticate devices so that a secret link key is established for secure communication. What is interesting is that device authentication relies on humans to communicate verification information between devices via a human-aided out-of-band channel. Bluetooth v4.0's SSP protocol is designed to offer security against passive eavesdropping and man-inthe-middle (MitM) attacks. We conduct the first known detailed analysis of SSP for all its MitM-secure models. We highlight some issues related to exchange of public keys and use of the passkey in its models and discuss how to treat them properly.

show abstract

“Nino” man-in-the-middle attack on bluetooth secure simple pairing

Cited by 37 publications

References 1 publication

Bluetooth Security Attacks

Bluetooth Security Attacks

Analysis of Bluetooth threats and v4.0 security features

Analyzing the Secure Simple Pairing in Bluetooth v4.0

Contact Info

Product

Resources

About