Man-in-the-Middle Attack and its Countermeasure in Bluetooth Secure Simple Pairing

Abstract

With the development of more types of devices which have Bluetooth as a primary option to communicate, the importance of secure communication is growing. Bluetooth provides a short range wireless communication between devices making convenient for users and thus eliminating the need for messy cables.

The proliferation of the Bluetooth devices in the workplace exposes organizations to security risks. Bluetooth technology and associated devices are susceptible to general wireless networking threats, such as denial of service attack, eavesdropping, man-in-the-middle attacks, message modification, and resource misappropriation. Preventing unauthorized users from secure communication is a challenge to the pairing process.

The Man-in-the-Middle attack is based on sending random signals to jam the physical layer of legitimate user and then by falsification of information sent during the input/output capabilities exchange; also the fact that the security of the protocol is likely to be limited by the capabilities of the least powerful or the least secure device type. In addition, proposed a countermeasure that render the attack impractical. We have shown that, the proposed method can withstand the MITM attack and achieving all the security needs like authenticity, confidentiality, integrity and availability as well as it is an improvement to the existing Bluetooth secure simple pairing in order to make it more secure.