I am reading Bluetooth Low Energy: The Developer's Handbook and am confused about the protection against MITM.
The book says that after exchanging pairing information, a random number is generated on both sides. Along with that random number, a confirmation value is calculated. The confirmation value is then exchanged between both parties, followed by a reveal of the random number.
The messages exchanged during pairing look like this.
[Apr 25 18:04:43.919] [SMP Send] LE SMP Pairing Request Command
[Apr 25 16:53:09.005] [SMP Receive] LE SMP Pairing Response Command
[Apr 25 16:53:09.019] [SMP Send] LE SMP Pairing Confirm Command
[Apr 25 16:53:14.016] [SMP Receive] LE SMP Pairing Confirm Command
[Apr 25 16:53:14.017] [SMP Send] LE SMP Pairing Random Command
[Apr 25 16:53:14.076] [SMP Receive] LE SMP Pairing Random Command
The book claims that this prevents an MITM from attacking, because the MITM would have to guess 2^128 possible random numbers to calculate the confirm value.
My question is: how does that help prevent an MITM attack? I mean, if I am the MITM, I would just pass the confirmation number from one end to the other without even needing the calculation.
I am sure that I must have missed something.
You are missing the point of what MITM attacks mean.
Simply passing data received from one device to the other doesn't make you a MITM attacker, just a MITM.
To "attack", you would have to actually modify the data before passing it on, without the receiving end noticing. Ideally you would not just screw up the communication, but also make meaningful changes (e.g. replace the destination bank account number with yours while keeping the sender's signature, so you get the money instead of the original sender).
By making no modification whatsoever to the data you intercept (before sending it on), you merely act as a repeater.
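To make this concrete: the confirm value in the log above is not a free-standing random number but the legacy-pairing c1 function over the TK (the passkey or OOB key), the sender's pairing random, the Pairing Request/Response PDUs and both device addresses, and after the Pairing Random exchange each side recomputes the peer's confirm and compares; a relay that forwards everything unchanged passes that check, while one that alters the pairing request or response, or does not know the TK, fails it. The following is an added Go example of that check, not code from the book or from any Bluetooth stack; it assumes the spec's big-endian worked-sample layout rather than the over-the-air byte order, uses constructed sample values, and uses a passkey TK rather than the zero TK of Just Works (which is why Just Works gives no MITM protection).

```go
package main

import (
	"crypto/aes"
	"fmt"
)

// e is the LE "e" function: one AES-128 block encryption of p under key k.
func e(k, p [16]byte) (out [16]byte) {
	block, _ := aes.NewCipher(k[:]) // k is always 16 bytes, so no error is possible
	block.Encrypt(out[:], p[:])
	return out
}

func xor16(a, b [16]byte) (out [16]byte) {
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// c1 is the legacy-pairing confirm function c1 = e(k, e(k, r XOR p1) XOR p2), with
// p1 = pres || preq || rat' || iat' and p2 = padding || ia || ra (k = TK, r = pairing random).
func c1(k, r [16]byte, preq, pres [7]byte, iat byte, ia [6]byte, rat byte, ra [6]byte) [16]byte {
	var p1, p2 [16]byte
	copy(p1[0:7], pres[:])
	copy(p1[7:14], preq[:])
	p1[14], p1[15] = rat, iat
	copy(p2[4:10], ia[:])
	copy(p2[10:16], ra[:])
	return e(k, xor16(e(k, xor16(r, p1)), p2))
}

// verifyConfirm is the check run after the Pairing Random exchange: recompute the peer's
// confirm from its revealed random; any change to preq, pres, an address or the TK fails it.
func verifyConfirm(received, k, r [16]byte, preq, pres [7]byte, iat byte, ia [6]byte, rat byte, ra [6]byte) bool {
	return c1(k, r, preq, pres, iat, ia, rat, ra) == received
}

func main() {
	tk := [16]byte{15: 0x7B} // constructed sample values follow; TK = passkey 123 (TK = 0 is Just Works)
	r := [16]byte{0x57, 0x83, 0xD5, 0x21, 0x56, 0xAD, 0x6F, 0x0E}
	preq := [7]byte{0x07, 0x07, 0x10, 0x00, 0x00, 0x01, 0x01}
	pres := [7]byte{0x05, 0x00, 0x08, 0x00, 0x00, 0x03, 0x02}
	ia, ra := [6]byte{0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6}, [6]byte{0xB1, 0xB2, 0xB3, 0xB4, 0xB5, 0xB6}
	confirm := c1(tk, r, preq, pres, 1, ia, 0, ra)
	pres2 := [7]byte{0x03, 0x00, 0x08, 0x00, 0x00, 0x03, 0x02} // relay rewrote the IO capability octet
	fmt.Printf("genuine=%v tampered=%v\n", verifyConfirm(confirm, tk, r, preq, pres, 1, ia, 0, ra),
		verifyConfirm(confirm, tk, r, preq, pres2, 1, ia, 0, ra))
}
```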
Attack may not be the intent all the time; the MITM may just be interested in tapping the data. The data may be so vital that there is no need to attack/modify, so it depends; just revealing the data itself is damaging enough!