Compromising Electromagnetic Emanations of Wired and Wireless Keyboards
Computer keyboards are often used to transmit confiden- tial data such as passwords. Since they contain elec- tronic components, keyboards eventually emit electro- magnetic waves. These emanations could reveal sensi- tive information such as keystrokes. The technique gen- erally used to detect compromising emanations is based on a wide-band receiver, tuned on a specific frequency. However, this method may not be optimal since a sig- nificant amount of information is lost during the signal acquisition. Our approach is to acquire the raw signal directly from the antenna and to process the entire cap- tured electromagnetic spectrum. Thanks to this method, we detected four different kinds of compromising elec- tromagnetic emanations generated by wired and wireless keyboards. These emissions lead to a full or a partial recovery of the keystrokes. We implemented these side- channel attacks and our best practical attack fully recov- ered 95% of the keystrokes of a PS/2 keyboard at a dis- tance up to 20 meters, even through walls. We tested 12 different keyboard models bought between 2001 and 2008 (PS/2, USB, wireless and laptop). They are all vul- nerable to at least one of the four attacks. We conclude that most of modern computer keyboards generate com- promising emanations (mainly because of the manufac- turer cost pressures in the design). Hence, they are not safe to transmit confidential information.