Computer Keyboards Betray Users' Keystrokes To Radio Eavesdroppers

Swiss security researchers demonstrate that even wired keyboards emanate signals that can reveal a user's keystrokes.

Thomas Claburn, Editor at Large, Enterprise Mobility

October 21, 2008

2 Min Read

Two Swiss security researchers from the Security and Cryptography Laboratory at the Ecole Polytechnique Federale De Lausanne have published a video demonstrating how the electronic emanations from wired computer keyboards can be deciphered to reveal the user's keystrokes.

Using a laptop connected to a PS/2 keyboard, one of the researchers in the video typed the words, "Trust No One," in a nod to fans of The X-Files. The video then shows a program receiving data from an eavesdropping antenna and then converting that data into the typed words.

"We found four different ways (including the Kuhn attack) to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls," explain Martin Vuagnoux and Sylvain Pasini in an online post. "We tested 11 different wired keyboard models bought between 2001 and 2008 (PS/2, USB, and laptop). They are all vulnerable to at least one of our four attacks."

The Kuhn attack refers to a computer security research paper published in 1998 by Markus G. Kuhn and Ross J. Anderson that describes the threat of a "Tempest virus" that "can attack computers not connected to any communication lines and situated in rooms from which the removal of storage media is prohibited."

Tempest is a code name used by the government to refer to a program to secure electronic devices from leaking information in the form of radio frequency waves, or electronic emanations. Some security researchers see Tempest as an acronym that stands for "TEMPorary Emanation and Spurious Transmission," though others offer alternate interpretations.

The Kuhn/Anderson paper focuses on reading radio frequency waves emanating from computer monitors.

But as the demonstration by Vuagnoux and Pasini suggests, any device that emits radio frequency waves may be vulnerable to a sophisticated eavesdropper. The two researchers conclude that wired keyboards are not safe to transmit sensitive information.

Given the risks of wireless keyboards, which require even less sophistication to intercept, it appears there is no safe way to enter sensitive information into a computer, apart from Tempest-protected equipment as described by various national communication security information memorandums.

But in all likelihood NSA spooks with antennas aren't waiting for you to type your bank logon details. So there's no need to panic yet. As to when cybercriminals might adopt this technique and go "wardriving" for logon details, that's a different question, one that may merit more than cursory consideration in coming years.

At the Black Hat conference in August, Eric Filiol, the head scientist at the French Army Signals Academy's Virology and Cryptology Lab, demonstrated a related form of a Tempest attack. He showed how malware could be used to encode a user's password into the Windows startup tone audio file and broadcast the encoded information in an audible sound that could be received using a microphone and deciphered.

Vuagnoux and Pasini say they plan to publish more information about their attack soon.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights