Bluetooth-Sniffing Highway Traffic Monitors Vulnerable to MITM Attack | The Security Ledger

http://securityledger.com/bluetooth-sniffing-highway-traffic-monitors-vulnerable-to-mitm-attack/

Where have we heard this before?

But researchers from the University of California at San Diego and the University of Michigan found that the Post Oak system isn’t as secure as promised. The AWAM Bluetooth Reader Traffic System doesn’t use sufficient entropy when generating authentication and host keys that are used to secure communications to and from the devices. In other words: the supposedly random keys aren’t really random. That means a knowledgeable attacker could guess the host key of reused or non-unique host keys, then carry out a man-in-the-middle attack against the traffic monitoring system.

Leave a Reply