“Man in the Middle” Attacks on Bluetooth
Bluetooth is a short range wireless communication technology that has been designed to eliminate wires between both stationary and mobile devices. As wireless communication is much more vulnerable to attacks, Bluetooth provides authentication and encryption on the link level. However, the employed frequency hopping spread spectrum method can be exploited for sophisticated man in the middle attacks. While the built-in point-to-point encryption could have offered some protection against man in the middle attacks, a flaw in the specification nullifies this countermeasure.
Unable to display preview. Download preview PDF.
- [BGW01]Borisov, N., Goldberg, I., Wagner, D.: Intercepting mobile communications: The insecurity of 802.11. In: 7th Annual International Conference on Mobile Computing and Networking. ACM Press, New York (2001)Google Scholar
- [BM92]Bellovin, S.M., Merrit, M.: Encrypted key exchange: Passwordbased protocols against dictionary attacks. In: IEEE Symposium on Research in Security and Privacy, pp. 72–84. IEEE Computer Society Press, Los Alamitos (1992)Google Scholar
- [GN01]Gehrmann, C., Nyberg, K.: Enhancements to Bluetooth baseband security. In: Nordic Workshop on Secure IT-Systems – NordSec 2001, Proceeding, pp. 39–53 (2001)Google Scholar
- [SIGa]Bluetooth SIG. Specification of the Bluetooth system: Core, version 1.1, http://www.bluetooth.org
- [SIGb]Bluetooth SIG. Specification of the Bluetooth system: Profiles, version 1.1, http://www.bluetooth.org