The attack consists in depositing on each keyboard key a small ionic salt quantity ({\sl e.g.} some NaCl on key 0, some KCl on key 1, LiCl on key 2, SrCl$_2$ on key 3, BaCl$_2$ on key 4, CaCl$_2$ on key 5...). As the user enters his PIN, salts get mixed and leave the keyboard in a state that leaks secret information. Nicely enough, evaluating the entropy loss due to the chemical trace turns out to be a very interesting combinatorial exercise. \smallskip
Under the assumption that mass spectroscopic analysis can reveal with accuracy the mixture of chemical compounds generated by the user, we show that, for moderate-size decimal PINs, the attack would generally disclose the PIN. \smallskip
The attack may apply to door PIN codes, phone numbers dialed from a hotel rooms, computer keyboards or even ATMs. \ss
While we did not implement the chemical part of the attack, a number of mass spectrometry specialists confirmed to the authors its feasibility.
Category / Keywords: implementation / Publication Info: chemistry attack keyboard combinatorics entropy Date: received 9 Oct 2003 Contact author: david naccache at gemplus com Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation Version: 20031009:175450 (All versions of this report) Short URL: ia.cr/2003/217 Discussion forum: Show discussion | Start new discussion