MITM attacks

RE: MITM attacks

Alex — Thu, 06 Aug 2015 07:56:59 GMT

Can I return to Bill's question (2)? If we put aside problem of delivering key to host and device (by NFC,USB...), is it correct that current nRF51 SD, Android, iOS and Windows 8/10 support setting up connection by using key provided? Update: Interesting information about OOB in Android is here

RE: MITM attacks

sara — Thu, 06 Aug 2015 01:40:54 GMT

Thanks for your kindly repply~

RE: MITM attacks

Bill Siever — Tue, 04 Aug 2015 12:02:35 GMT

sara: Encryption with Passkey and Just Works are both very weak if someone is able to collect all the packets when the keys are exchanged (a poor OOB system would be equally weak). If you use bonding, the keys are usually only exchanged on the first connection. As long as the link is always encrypted and the first exchange is done in a secure place (or perhaps, as Anders suggests, with low power transmissions to limit sniffing) there should be pretty good security for most applications.

RE: MITM attacks

Anders Strand — Tue, 04 Aug 2015 08:54:32 GMT

You can make sniffing more difficult by lowering TX power during pairing, and holding the central and peripheral very close. This is only a bandaid solution of course :)

RE: MITM attacks

sara — Tue, 04 Aug 2015 03:26:00 GMT

It seems that using static passkey is not a save way, isn't it? If we want to do some BLE application in high security way, what can we do? Using OOB only or any other methods?

RE: MITM attacks

syntroniks — Mon, 03 Aug 2015 16:11:21 GMT

Yes 2) Not sure, my phone has NFC but we aren't prepared to require it for pairing our peripherals yet.

QR code OOB is an alternative if you are developing with smartphones in mind and have display capabilities. I believe it is fairly common but most users I know have NFC turned off.

RE: MITM attacks

Bill Siever — Mon, 03 Aug 2015 13:28:19 GMT

That seems to be the intention, but it's not something I know much about yet. Since NFC has a very small range, it seems like it would limit key interception partly by limiting range of transmission. So, my questions are: 1) Is sniffing of NFC possible (even if not usually practical) to retrieve the OOB key? and 2) Which devices (Android, iOS, Windows Phone, etc.) currently support NFC for OOB? (I think the demos I've seen used Android devices)

RE: MITM attacks

Alex — Mon, 03 Aug 2015 13:22:06 GMT

Bill, thank you for the article. Can NFC in nRF52 be used as OOB then?

RE: MITM attacks

Bill Siever — Mon, 03 Aug 2015 13:00:13 GMT

Based on work by Mike Ryan (See: https://lacklustre.net/bluetooth/Ryan_Bluetooth_Low_Energy_USENIX_WOOT.pdf) it looks like even Passkey is pretty weak if the initial key exchange is monitored.

RE: MITM attacks

Petter Myhre — Fri, 31 Jul 2015 12:22:25 GMT

It depends.

If you use the passkey to identify the device the attacker can pretend to be a trusted device, while it is not.

If not, the attacker can only decrypt an encrypted link if he has the passkey and sniffs the pairing process, only then will he get the keys used to actually encrypt the link.