International Journal of Information Security

, Volume 14, Issue 5, pp 443–456 | Cite as

Keyboard acoustic side channel attacks: exploring realistic and security-sensitive scenarios

Regular Contribution

Abstract

This research takes a closer look at keyboard acoustic emanations specifically for the purpose of eavesdropping over random passwords. In this scenario, dictionary and HMM language models are not applicable; the attacker can only utilize the raw acoustic information which has been recorded. This work investigates several existing signal processing techniques for this purpose and introduces a novel technique—time–frequency decoding—that improves the detection accuracy compared to previous techniques. It also carefully examines the effect of typing style—a crucial variable largely ignored by prior research—on the detection accuracy. The results show that using the same typing style (hunt and peck) for both training and decoding the data, the best case success rate for detecting correctly the typed key is 64 % per character. The results also show that changing the typing style, to touch typing, during the decoding stage reduces the success rate, but using the time–frequency technique, it is still possible to achieve a success rate of around 40 % per character. In these realistic scenarios, where the password is random, the approach described here can reduce the entropy of the search space by up to 57 % per character. This brings keyboard acoustic attack one step closer to a full-fledged vulnerability.

Keywords

Keyboard acoustic emanations  Random passwords Signal processing 

References

  1. 1.
    “Keyboard Acoustic Emanations Revisited” presentation. http://cs.unc.edu/fabian/courses/CS600.624/slides/emanations
  2. 2.
    Adams, A., Sasse, M.A.: Users are not the enemy. Commun. ACM 42(12), 40–46 (1999)CrossRefGoogle Scholar
  3. 3.
    Asonov, D., Agrawal, R.: Keyboard acoustic emanations. In: IEEE Symposium on Security and Privacy (2004)Google Scholar
  4. 4.
    Backes, M., Durmuth, M., Gerling, S., Pinkal, M., Sporleder, C.: Acoustic side-channel attacks on printers. In: Usenix Security Symposium (2010)Google Scholar
  5. 5.
    Balzarotti, D., Cova, M., Vigna, G.: ClearShot: Eavesdropping on keyboard input from video. In: Proceedings of the 2008 IEEE Symposium on Security and Privacy (2008)Google Scholar
  6. 6.
    Berger, Y., Wool, A., Yeredor, A.: Dictionary attacks using keyboard acoustic emanations. In: Conference on Computer and Communications Security, SESSION: Attacks and Cryptanalysis, pp. 245–254 (2006)Google Scholar
  7. 7.
    Briol, R.: Emanation: How to keep your data confidential. In: Symposium on Electromagnetic Security for Information Protection, SEPI (1991)Google Scholar
  8. 8.
    Fiona, A.H.Y.: Keyboard acoustic triangulation attack. Final Year Project. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.100.3156&rep=rep1&type=pdf
  9. 9.
    Genkin, D., Shamir, A., Tromer, E.: RSA key extraction via low-bandwidth acoustic cryptanalysis. In: International Cryptology Conference (CRYPTO) (2014)Google Scholar
  10. 10.
    Halevi, T., Saxena, N.: On pairing constrained wireless devices based on secrecy of auxiliary channels: the case of acoustic eavesdropping. In: ACM Conference on Computer and Communications Security (2010)Google Scholar
  11. 11.
    Inglesant, P., Sasse, M.A.: The true cost of unusable password policies: password use in the wild. In: CHI ’10: Proceedings of the 28th International Conference on Human Factors in Computing Systems, pp. 383–392 (2010)Google Scholar
  12. 12.
    Lachlan, R.: Normalization for Dynamic Time Warping. http://luscinia.sourceforge.net/page26/page14/page14.html
  13. 13.
    Marquardt, P., Verma, A., Carter, H., Traynor, P.: iPhone: decoding vibrations from nearby keyboards using mobile phone accelerometers. In: 18th ACM Conference on Computer and Communications Security in Chicago, 2011; proceedings, pp. 551–562. doi:10.1145/2046707.2046771 Key: citeulike:9931496
  14. 14.
    Moore, A.: School of Computer Science, Carnegie Mellon University. Hidden Markov Model. http://www.autonlab.org/tutorials/hmm14
  15. 15.
    Morris, R., Thompson, K.: Password security: a case history. Commun. ACM 22(11), 594–597 (1979)CrossRefGoogle Scholar
  16. 16.
    Rabiner, L., Juang, B.: Fundamentals of Speech Recognition. Prentice-Hall, Upper Saddle River (1993)Google Scholar
  17. 17.
    Rabiner, L., Juang, B.H.: Mel-frequency cepstrum coefficients. Prentice-Hall Signal Processing Series (1993). ISBN:0-13-015157-2Google Scholar
  18. 18.
    Shamir, A., Tromer, E.: Acoustic cryptanalysis: on nosy people and noisy machines. http://people.csail.mit.edu/tromer/acoustic/
  19. 19.
    Shay, R., Komanduri, S., Patrick, K.G., Leon, P.G., Mazurek, M.L., Bauer, L., Christin, N., Cranor, L.F.: Encountering stronger password requirements: user attitudes and behaviors. In: SOUPS ’10: Proceedings of the Sixth Symposium on Usable Privacy and Security (2010)Google Scholar
  20. 20.
    Song, D., Wagner, D.,Tian, X.: Timing analysis of keystrokes and timing attacks on ssh. In: Tenth USENIX Security Symposium (2001)Google Scholar
  21. 21.
  22. 22.
    Veyrat-Charvillon, N., Grard, B., Renauld, M., Standaert, F.-X.: An optimal key enumeration algorithm and its application to side-channel attacks. In: 19th International Conference, Selected Areas in Cryptography (2012)Google Scholar
  23. 23.
    Wool, A., Berger, Y.: Personal communication on the subject of typing styles used in prior research on keyboard acoustic emanations (2010)Google Scholar
  24. 24.
    Yan, J., Blackwell, A., Anderson, R., Grant, A.: Password memorability and security: empirical results. IEEE Secur. Priv. 2(5), 25–31 (2004)CrossRefGoogle Scholar
  25. 25.
    Zhuang, L., Zhou, F., Tygar, J.D.: Keyboard acoustic emanations revisited. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 373–382, November (2005)Google Scholar
  26. 26.
    Zhuang, L., Zhou, F., Tygar, J.D.: Keyboard acoustic emanations revisited. ACM Trans. Inf. Syst. Secur. (TISSEC) 13(1), 3–26 (October 2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  1. 1.Computer Science and EngineeringPolytechnic Institute of New York UniversityBrooklynUSA
  2. 2.Computer and Information SciencesUniversity of Alabama at BirminghamBirminghamUSA

Personalised recommendations