“Man in the Middle” Attacks on Bluetooth

  • Dennis Kügler
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2742)


Bluetooth is a short range wireless communication technology that has been designed to eliminate wires between both stationary and mobile devices. As wireless communication is much more vulnerable to attacks, Bluetooth provides authentication and encryption on the link level. However, the employed frequency hopping spread spectrum method can be exploited for sophisticated man in the middle attacks. While the built-in point-to-point encryption could have offered some protection against man in the middle attacks, a flaw in the specification nullifies this countermeasure.





Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Dennis Kügler
    Federal Office for Information Security, Bonn, Germany
