Chemical Combinatorial Attacks on Keyboards
نویسندگان
چکیده
This paper presents a new attack on keyboards. The attack consists in depositing on each keyboard key a small ionic salt quantity (e.g. some NaCl on key 0, some KCl on key 1, LiCl on key 2, SrCl2 on key 3, BaCl2 on key 4, CaCl2 on key 5...). As the user enters his PIN, salts get mixed and leave the keyboard in a state that leaks secret information. Nicely enough, evaluating the entropy loss due to the chemical trace turns out to be a very interesting combinatorial exercise. Under the assumption that mass spectroscopic analysis can reveal with accuracy the mixture of chemical compounds generated by the user, we show that, for moderate-size decimal PINs, the attack would generally disclose the PIN. The attack may apply to door PIN codes, phone numbers dialed from a hotel rooms, computer keyboards or even ATMs. While we did not implement the chemical part of the attack, a number of mass spectrometry specialists confirmed to the authors its feasibility.
منابع مشابه
Compromising Electromagnetic Emanations of Wired and Wireless Keyboards
Computer keyboards are often used to transmit confidential data such as passwords. Since they contain electronic components, keyboards eventually emit electromagnetic waves. These emanations could reveal sensitive information such as keystrokes. The technique generally used to detect compromising emanations is based on a wide-band receiver, tuned on a specific frequency. However, this method ma...
متن کاملA Design of Secure and Reliable Wireless Keyboards and Mice Against Man-In-The-Middle Attacks1
It has been publicly known that keyboards and mice, either wired or wireless, can be potentially attacked by eavesdropping or hijacking. Although there are many secure keyboards and some secure mice in the market, there are still vulnerabilities under different types of Man-In-The-Middle (MITM) attacks such as hijack or replay. Usually these attacks are low cost and easy to implement, but so fa...
متن کاملTouchLogger: Inferring Keystrokes on Touch Screen from Smartphone Motion
Attacks that use side channels, such as sound and electromagnetic emanation, to infer keystrokes on physical keyboards are ineffective on smartphones without physical keyboards. We describe a new side channel, motion, on touch screen smartphones with only soft keyboards. Since typing on different locations on the screen causes different vibrations, motion data can be used to infer the keys bein...
متن کاملDon ’ t touch a word ! A practical input eavesdropping attack against mobile touchscreen devices
Spying on a person is a subtle, yet easy and reliable method to obtain sensitive information. Even if the victim is well protected from digital attacks, spying may be a viable option. In addition, the pervasiveness of mobile devices increases an attacker’s opportunities to observe the victims while they are accessing or entering sensitive information. This risk is exacerbated by the remarkable ...
متن کاملTwo-Finger Keyboard Layout Problem: An Application On Turkish Language
Smart phone and tablet usage has sharply increased for the last decade. While entering test on these devices, virtual keyboards are generally used instead of conventional hardware keyboards. In this study, a new problem which is two-finger keyboard layout problem and solution approach is presented for increasing user test entrance performance, especially on virtual keyboards. Defined two-finger...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2003 شماره
صفحات -
تاریخ انتشار 2003