### A Closer Look at Keyboard Acoustic Emanations: Random Passwords, Typing Styles and Decoding Techniques

Tzipora Halevi and Nitesh Saxena

##### Abstract

We take a closer look at keyboard acoustic emanations specifically for the purpose of eavesdropping over random passwords. In this scenario, dictionary and HMM language models are not applicable; the attacker can only utilize the raw acoustic information which has been recorded. We investigate several existing signal processing techniques for our purpose, and introduce a novel technique – time-frequency decoding – that improves the detection accuracy compared to previous techniques. We also carefully examine the effect of typing style – a crucial variable largely ignored by prior research – on the detection accuracy. Our results show that using the same typing style (hunt and peck) for both training and decoding the data, the best case success rate for detecting correctly the typed key is 64% per character. The results also show that changing the typing style, to touch typing, during the decoding stage reduces the success rate, but using the time-frequency technique, we can still achieve a success rate of around 40% per character. Our work takes the keyboard acoustic attack one step further, bringing it closer to a full-fledged vulnerability under realistic scenarios (different typing styles and random passwords). Our results suggest that while the performance of these attacks degrades under such conditions, it is still possible, utilizing the time-frequency technique, to considerably reduce the exhaustive search complexity of retrieving a random password.

Available format(s)
Publication info
Published elsewhere. ACM Symposium on Information, Computer and Communications Security (AsiaCCS) 2012
Keywords
Contact author(s)
tzipihalevi @ yahoo com
History
2012-05-14: last of 3 revisions
See all versions
Short URL
https://ia.cr/2010/605

CC BY

BibTeX

@misc{cryptoeprint:2010/605,
author = {Tzipora Halevi and Nitesh Saxena},
title = {A Closer Look at Keyboard Acoustic Emanations: Random Passwords, Typing Styles and Decoding Techniques},
howpublished = {Cryptology ePrint Archive, Paper 2010/605},
year = {2010},
note = {\url{https://eprint.iacr.org/2010/605}},
url = {https://eprint.iacr.org/2010/605}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.