Information leakage through electromagnetic radiation of PS/2 Keyboard
DOI:
https://doi.org/10.54654/isj.v10i2.67Keywords:
Electromagnetic radiation, PS/2 keyboard, acquisition of electromagnetic, recovery keystroke.Tóm tắt
Abstract— Computer keyboards are often used to enter data for a computer system, data could be normal information or confidential information such as password, key. Keyboards use electronic components so they will generate electromagnetic radiation that can reveal information. This article presents the acquisition of electromagnetic emanating from the PS/2 keyboards through different paths (in space, through power line or via LAN cable). After acquisition we develop a program on MATLAB to recover the keystroke signal from data which is obtained in the near field of PS/2 keyboard. The result of this side channel attack is recovered an average of more than 70% of the keystrokes in near field of PS/2 keyboards. Our best attack can recover up to more than 90% of the keystrokes. From this result, we conclude that PS/2 keyboards generate electromagnetic radiations which can cause the loss of information and they are not safe to use when entering confidential information.
Tóm tắt— Bàn phím máy tính thường được sử dụng để nhập dữ liệu đầu vào cho một hệ thống máy tính, các dữ liệu có thể là văn bản thông thường hoặc thông tin cần được bảo mật như mật khẩu hay khóa. Bàn phím sử dụng các linh kiện điện tử, vì thế chúng sẽ gây ra bức xạ điện từ dẫn đến lộ lọt các thông tin khi gõ phím. Bài báo này trình bày về việc thu các tín hiệu bức xạ điện từ phát ra từ bàn phím PS/2 khi gõ phím qua các con đường khác nhau (nhiễu bức xạ trong không gian, nhiễu dẫn trên đường nguồn, qua mạng LAN). Từ đó, nghiên cứu xây dựng một module chương trình trên MATLAB để khôi phục lại tín hiệu gõ phím từ các dữ liệu thu được trong trường gần của bàn phím. Kết quả của cách tần công trên kênh kề này là khôi phục trung bình được hơn 70% ký tự được gõ trong trường gần của bàn phím PS/2. Trường hợp tốt nhất kết quả có thể lên đến hơn 90% ký tự được gõ. Từ kết quả nghiên cứu trên, nhóm nghiên cứu rút ra kết luận, các loại bàn phím[1]
PS/2 đều phát ra các bức xạ điện từ gây mất mát thông tin và không an toàn để sử dụng khi nhập các thông tin cần được bảo mật.
Downloads
References
[1]. Andrea Barisan Daniele Bianco, “Side Channel Attacks Using Optical Sampling of Mechanical Energy and Power Line Leakage”, Copyright Inverse Path Ltd, 2009.
[2]. Asonov, D., and Agrawal, R., “Keyboard Acoustic Emanations”, In IEEE Symposium on Security and Privacy, 2004.
[3]. Blzarotti, D., Cova, M., and Vigna, G., “Clearshot: Eavesdropping on keyboard input from video”, In IEEE Symposium on Security and Privacy, 2008.
[4]. Kuhn, M. G., “Compromising Emanations: Eavesdropping risks of Computer Displays”, Technical Report, 2003.
[5]. John V. Monaco, “SoK: Keylogging Side Channels”, IEEE Symposium on Security and Privacy, 2018.
[6]. Lizhuang, Fengzhou, J. D. Tygar, “Keyboard Acoustic Emanations Revisited”, In Proceedings of the 12th ACM Conference on Computer and Communications Security, November 2005.
[7]. Loughry, J., and Umphress, D. A., “Information leakage from optical emanations”, ACM Trans. Inf. Syst. Secur, 2002.
[8]. Martin Vuagnoux, Sylvain Pasini, “Compromising Electromagnetic Emanations of Wired and Wireless Keyboards”, Security and Cryptography Laboratory, 2007-2009.
[9]. Smulders, P., “The Threat of Information Theft by Reception of Electromagnetic Radiation from RS-232 Cables”, Computers and Security, 1990.
[10]. Tuttlebee, W., “Software Defined Radio: Enabling Technologies”, John Wiley and Sons, England, 2003.
[11]. Tzipora Halevi, Nitesh Saxena, “Keyboard acoustic side channel attacks: exploring realistic and security-sensitive scenarios”, International Journal of Information Security, Springer, 2014.
[12]. Van Eck, W., “Electronagmetic radiation from video Display Units: An eavesdropping risk?”, Comput. Secur, 198.
Downloads
Published
How to Cite
Issue
Section
License
Proposed Policy for Journals That Offer Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
Proposed Policy for Journals That Offer Delayed Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication, with the work [SPECIFY PERIOD OF TIME] after publication simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).