LASEC, the Security and Cryptography Laboratory, claimed to have found four different ways of remotely capturing keystrokes from wired keyboards from a distance of up to 20 meters away. The keystrokes can be captured through walls, making vulnerable the security of many computers and even possibly ATMs.
The approach used works on the theory that when a key is pressed on a wired keyboard, it produces electromagnetic emanations. This electromagnetic radiation can be acquired and captured with the use of an antenna, which can then be analyzed. Four different methods had been tested, including the Kuhn attack, although not much information on the other methods have yet been provided. It was claimed that the attacks could be significantly improved, as the equipment used in the experiment was relatively inexpensive.
Eleven different wired keyboard models were tested, including PS/2, USB and laptop keyboards, all of which were vulnerable to at least one of the four different methods used. Apparently the reason these keyboards generate the compromising emanations is mostly “because of the cost pressures in the design.” More information regarding these attacks will soon be published, although the paper is still undergoing peer review. For the time being however, there are two videos being hosted that demonstrate the attacks.
From the videos, it looked as if the antenna being used in one of the demonstrations was rather large and not very inconspicuous, nor did it seem as if the keystrokes could be captured at a high rate of speed. However, with banking machines using wired keyboards, it may be possible for a truck to park nearby an ATM and remotely capture private information entered into the ATM, such as a customer’s PIN. No longer it seem is just avoiding wireless keyboards enough to ensure security, as even wired keyboards now need protection, such as electromagnetic shielding.
