Compromising Electromagnetic Emanations of Wired and Wireless Keyboards Presented By: Justin Rilling Written By: Martin Vuagnoux and Sylvain Pasini.

Slides:



Advertisements
Similar presentations
ITEC 352 Lecture 34 Communications. Review USB –How did you like the material (1-10) from bad to good –What did you learn? Differences between bus types.
Advertisements

VSMC MIMO: A Spectral Efficient Scheme for Cooperative Relay in Cognitive Radio Networks 1.
GPS Signal Structure Sources: –GPS Satellite Surveying, Leick –Kristine Larson Lecture Notes 4519/asen4519.html.
Tempest Emanations Jacklyn Truong University of Tulsa April 16, 2013.
1. INTRODUCTION In order to transmit digital information over * bandpass channels, we have to transfer the information to a carrier wave of.appropriate.
Programmable Interval Timer
ECE 6332, Spring, 2014 Wireless Communication Zhu Han Department of Electrical and Computer Engineering Class 13 Mar. 3 rd, 2014.
Direct Attacks on Computational Devices
ANGLE MODULATION AND DEMODULATION
EET 2351 Lecture 2 Professor: Dr. Miguel Alonso Jr.
CHRIS HOVDE, STEVE M. MASSICK and DAVID S. BOMSE
Storey: Electrical & Electronic Systems © Pearson Education Limited 2004 OHT 5.1 Signals and Data Transmission  Introduction  Analogue Signals  Digital.
© 2013 Atmel 1 SAM D21 Peripheral Touch Controller Noise Immunity.
1 Remote Power Analysis of RFID Tags Joint work with Adi Shamir yossi.oren[at]weizmann.ac.il 28/Aug/06.
Page 1 Return Path Testing Seminar Presented by Sunrise Telecom Broadband … a step ahead.
EE 316 Computer Engineering Junior Lab Word Mastermind.
EE 316 Computer Engineering Junior Lab PS/2 Keyboard.
1 COMP541 Keyboard Interface Montek Singh April 9, 2007.
Performance Analysis of linear error correcting codes Group Members Shantharam Iyer Nitish Sinha Anjana Rao Premkumar Iyangar.
CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 7 Introduction to Networks and the Internet.
Module 3.0: Data Transmission
Harbin Institute of Technology (Weihai) 1 Chapter 2 Channel Measurement and simulation  2.1 Introduction  Experimental and simulation techniques  The.
EE 316 Computer Engineering Junior Lab Digital Hangman.
Chapter 5 Signals and Noise  Signal carries information about the analyte that is of interest to us.  Noise is made up of extraneous information that.
IT-101 Section 001 Lecture #15 Introduction to Information Technology.
Information Transmission
EMC review for Belle II (Grounding & shielding plans) Sub-systems ( XXXXX)
PS/2 Mouse/Keyboard Port Discussion D7.2. PS/2 Port.
PS2 Keyboard Interface Using Spartan-3 Starter Kit Board
Data Transmission The basics of media, signals, bits, carries, and modems (Part II)
1 Long-Distance Communication. 2 Illustration of a Carrier Carrier –Usually a sine wave –Oscillates continuously –Frequency of carrier fixed.
Security Fundamentals Group TEMPEST Security Hidema Tanaka.
1 Secure Cooperative MIMO Communications Under Active Compromised Nodes Liang Hong, McKenzie McNeal III, Wei Chen College of Engineering, Technology, and.
Winter 2008CS244a Handout 121 CS244a: An Introduction to Computer Networks Handout 12: Physical Layer Sending 1’s and 0’s, Capacity and Clocking Nick McKeown.
Doc.: IEEE Submission September 2009 Rick Roberts [Intel]Slide 1 Project: IEEE P Working Group for Wireless Personal Area.
Understanding ADC Specifications September Definition of Terms 000 Analogue Input Voltage Digital Output Code FS1/2.
Adopting Multi-Valued Logic for Reduced Pin-Count Testing Baohu Li, Bei Zhang and Vishwani Agrawal Auburn University, ECE Dept., Auburn, AL 36849, USA.
EE104: Lecture 20 Outline Review of Last Lecture Noise in AM Receivers Single Sideband Modulation Vestigial Sideband Modulation AM Radio and Superheterodyne.
Prepared by Sam Kollannore U. Lecturer, Department of Electronics M.E.S.College, Marampally, Aluva-7.
Template attacks Suresh Chari, Josyula R. Rao, Pankaj Rohatgi IBM Research.
Side Channel Attacks through Acoustic Emanations
Sept. 25, 2006 Assignment #1 Assignment #2 and Lab #3 Now Online Formula Cheat Sheet Cheat SheetCheat Sheet Review Time, Frequency, Fourier Bandwidth Bandwidth.
1 ELE5 COMMUNICATIONS SYSTEMS REVISION NOTES. 2 Generalised System.
WIRELESS NETWORKING TOT AK Agenda Introduction to Wireless Technologies Wireless Networking Overview Non-Technical considerations Other Comparable.
Physical-layer Identification of UHF RFID Tags Authors: Davide Zanetti, Boris Danev and Srdjan Capkun Presented by Zhitao Yang 1.
EECE 252 PROJECT SPRING 2014 Presented by: Peizhen Sun Nor Asma Mohd Sidik.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Lecture # 17 Computer Communication & Networks.
Engineering and Physics University of Central Oklahoma Dr. Mohamed Bingabr Chapter 1 Introduction ENGR 4323/5323 Digital and Analog Communication.
A paper by: Paul Kocher, Joshua Jaffe, and Benjamin Jun Presentation by: Michelle Dickson.
Maximum-Minimum Eigen Value Based Spectrum Scanner Mohamed Hamid and Niclas Björsell Center for RF measurement Technology, University of Gävle, Sweden.
ECE 4371, Fall, 2015 Introduction to Telecommunication Engineering/Telecommunication Laboratory Zhu Han Department of Electrical and Computer Engineering.
ERROR DETECTING AND CORRECTING CODES -BY R.W. HAMMING PRESENTED BY- BALAKRISHNA DHARMANA.
CS434/534: Mobile Computing and Wireless Networks Y. Richard Yang 08/30/2012.
PS/2 Mouse/Keyboard Port
Martin Hewitson and the GEO team Measuring gravitational waves with GEO600.
ICT Module 4 Revision. ICT Attenuation and cable type What is attenuation What cable should be used between buildings and why?
Amplitude/Phase Modulation
Line Coding and Binary Keying Modulation
McGraw-Hill©2003 The McGraw-Hill Companies, Inc. Chapter 6 Physical Layer.
6: Wireless and Mobile Networks6-1 hub or switch AP 2 AP 1 H1 BBS 2 BBS : mobility within same subnet router r H1 remains in same IP subnet: IP.
Keyboard Introduction Keyboard is an input device. It is used to give text, numbers and controls as input to computer. The.
Dr.F. Arteche EMC DEPFET Project: A general overview.
Wireless Networking Presented by: Jeffrey D. Bombell, American Computer Technologies.
Structural Health Monitoring in WSNs by the Embedded Goertzel Algorithm Maurizio Bocca, M.Sc. Department of Automation and Systems Technology Aalto University.
Fundamentals of Communications. Communication System Transmitter: originates the signal Receiver: receives transmitted signal after it travels over the.
EE 445S Real-Time Digital Signal Processing Lab Fall 2013
Hw week 5 1. Let the message signal m(t) = 4 + 2cos(2  103t), carrier wave xc(t) = 8cos(2  106t) (a) For DSB-SC systems, draw the frequency domain.
Long-Distance Communication (Carriers, Modulation, And Modems)
Digital Acquisition of Analog Signals – A Practical Guide
Interfacing keyboard with FPGA
Presentation transcript:

Compromising Electromagnetic Emanations of Wired and Wireless Keyboards Presented By: Justin Rilling Written By: Martin Vuagnoux and Sylvain Pasini

Outline - Introduction - Paper Contributions - Experimental Setup - Description of Attacks - Results - Countermeasures - Comments - Questions

Introduction - This paper evaluates four types of keyboards (PS/2, USB, laptop, and wireless) - Defines four types of attacks. All the keyboards tested where vulnerable to at least one type of attack (One attack recovered 95% of keystrokes 20m from the keyboard through walls) - Tests electromagnetic vulnerability in different environmental scenarios (Low noise, office, adjacent office, and building)

Contribution - Determined the practical feasibility of eavesdropping on keystrokes - Used the “Full Spectrum Acquisition Method” to detect electromagnetic radiation that may be missed by traditional methods

Experimental Setup

Falling Edge Transition Technique (FETT) Start Bit Scan Code 0x24 = ‘E’ Odd Parity Bit Stop Bit

Falling Edge Transition Technique (FETT) - Were able to detect the falling edges of the PS/2 data line - On average, can reduce the keystroke to 2.42 possible keys

The Generalized Transition Technique (GTT) - A band-pass ( MHz) filter is used to improve the SNR which allows the authors to extract the rising and falling edges of the data line Threshold Line

The Modulation Technique (MT) - They were also able to find frequency and amplitude modulated harmonics at 124MHz that correspond to the data and clock signals - This attack is able to fully recover all keystrokes - These types of electromagnetic waves are interesting because they carry further than those discussed in the previous two attacks

The Matrix Scan Technique (MST) Driver Detector … … … w s x e d c q a z

The Matrix Scan Technique (MST) - This attack worked on almost every keyboard - On average, could reduce the keystroke to 5.14 possible keys

Accuracy GTT - Able to recover all keystrokes correctly MT - Able to recover all keystrokes correctly FETT - Can reduce the keystroke to 2.42 possible keys on average MST - Can reduce the keystroke to 5.14 possible keys on average

Effectiveness on Various Types of Keyboards

Range of Attack Low Noise ScenarioOffice Scenario

Countermeasures - Shield keyboard, cable, motherboard and room - Encrypt bi-directional (PS/2) serial cable - Obfuscate scan matrix loop routine

Comments - Very thorough testing - Could improve the explanation of the building test scenario - Would have been interesting if they tested the outlined countermeasures

Questions ???

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.