“Nino” man-in-the-middle attack on bluetooth secure simple pairing

Abstract

As an interconnection technology, Bluetooth has to address all traditional security problems, well known from the distributed networks. Moreover, as Bluetooth networks are formed by the radio links, there are also additional security aspects whose impact is yet not well understood. In this paper, we describe a new man-in-the-middle (MITM) attack on Bluetooth secure simple pairing. The attack is based on the falsification of information sent during the input/output capabilities exchange. In addition, we propose countermeasures that render the attack impractical, although not totally eliminating its potential danger.