Article

Dictionary attacks using keyboard acoustic emanations

Authors:

Yigael Berger,

Avishai Wool,

Arie YeredorAuthors Info & Claims

CCS '06: Proceedings of the 13th ACM conference on Computer and communications security

Pages 245 - 254

https://doi.org/10.1145/1180405.1180436

Published: 30 October 2006 Publication History

Get Access

Abstract

We present a dictionary attack that is based on keyboard acoustic emanations. We combine signal processing and efficient data structures and algorithms, to successfully reconstruct single words of 7-13 characters from a recording of the clicks made when typing them on a keyboard. Our attack does not require any training, and works on an individual recording of the typed word (may be under 5 seconds of sound). The attack is very efficient, taking under 20 seconds per word on a standard PC. We demonstrate a 90% or better success rate of finding the correct word in the top 50 candidates identified by the attack, for words of 10 or more characters, and a success rate of 73% over all the words we tested. We show that the dominant factors affecting the attack's success are the word length, and more importantly, the number of repeated characters within the word. Our attack can be used as an effective acoustic-based password cracker. Our attack can also be used as part of an acoustic long-text reconstruction method, that is much more efficient and requires much less text than previous approaches.

References

[1]

D. Asonov and R. Agrawal. Keyboard acoustic emanations. In IEEE Symposium on Security and Privacy, pages 3--11, Oakland, CA, 2004.

Crossref

Google Scholar

[2]

K. Atkinson. Scowl - spell checker oriented word lists, 2004. http://wordlist.sourceforge.net/.

Google Scholar

[3]

R. Briol. Emanation: How to keep your data confidential. Symposium on Electromagnetic Security For Information Protection, 1991.

Google Scholar

[4]

CornCob. The corncob list. http://www.mieliestronk.com/wordlist.html.

Google Scholar

[5]

D. Klein. Foiling the cracker: A survey of, and improvements to, password security. In Proc. UNIX Security Workshop II, Aug. 1990.

Google Scholar

[6]

M. G. Kuhn. Compromising emanations: Eavesdropping risks of computer displays. Technical Report UCAM-CL-TR-577, University of Cambridge, Computer Laboratory, Dec. 2003.

Google Scholar

[7]

J. Loughry and D. A. Umphress. Information leakage from optical emanations. ACM Trans. Info. Sys. Security, 5(3):262--289, 2002.

Digital Library

Google Scholar

[8]

Y. Rubner, C. Tomasi, and L. Guibas. The earth mover's distance as a metric for image retrieval. International Journal of Computer Vision, 40(2):99--122, 2000.

Digital Library

Google Scholar

[9]

Time domain processing: Correlation. http://www.bores.com/courses/intro/time/2_ave.htm.

Google Scholar

[10]

M. Slaney. Auditory toolbox, 1998. http://rvl4.ecn.purdue.edu/malcolm/interval/1998-010/.

Google Scholar

[11]

S. W. Smith. The Scientist and Engineer's Guide to Digital Sound Processing. California Technical Publishing, 1997.

Digital Library

Google Scholar

[12]

D. Song, D. Wagner, and X. Tian. Timing analysis of keystrokes and timing attacks on SSH. In 10th USENIX Security Symposium, 2001.

Digital Library

Google Scholar

[13]

Tempest 101. http://www.tscm.com/TSCM101tempest.html.

Google Scholar

[14]

L. Zhuang, F. Zhou, and J. D. Tygar. Keyboard acoustic emanations revisited. In CCS '05: Proceedings of the 12th ACM conference on Computer and communications security, pages 373--382, New York, NY, USA, 2005. ACM Press.

Digital Library

Google Scholar

Cited By

View all

Spata MMaria Russo VOrtis ABattiato S(2025)A New Pipeline for Snooping Keystroke Based on Deep Learning AlgorithmIEEE Access10.1109/ACCESS.2025.353687713(24498-24514)Online publication date: 2025
https://doi.org/10.1109/ACCESS.2025.3536877
Chen PLiu GWang HLuo BLiao XXu JKirda ELie D(2024)Poster: Acoustic Side-Channel Attack on Robot VacuumsProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3691372(5027-5029)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3691372
Wang PHu JLiu CLuo JLuo BLiao XXu JKirda ELie D(2024)RefleXnoop: Passwords Snooping on NLoS Laptops Leveraging Screen-Induced Sound ReflectionProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670341(3361-3375)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670341
Show More Cited By

Index Terms

Dictionary attacks using keyboard acoustic emanations
1. Hardware
  1. Communication hardware, interfaces and storage
    1. Signal processing systems
  2. Robustness
    1. Hardware reliability
      1. Signal integrity and noise analysis
2. Security and privacy
  1. Security services
    1. Authentication

Recommendations

Context-free Attacks Using Keyboard Acoustic Emanations
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

The emanations of electronic and mechanical devices have raised serious privacy concerns. It proves possible for an attacker to recover the keystrokes by acoustic signal emanations. Most existing malicious applications adopt context-based approaches, ...
Keyboard Emanations in Remote Voice Calls: Password Leakage and Noise(less) Masking Defenses
CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

Keyboard acoustic side channel attacks to date have been mostly studied in the context of an adversary eavesdropping on keystrokes by placing a listening device near the intended victim creating a local eavesdropping scenario. However, being in close ...
Keyboard acoustic emanations revisited

We examine the problem of keyboard acoustic emanations. We present a novel attack taking as input a 10-minute sound recording of a user typing English text using a keyboard and recovering up to 96% of typed characters. There is no need for training ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CCS '06: Proceedings of the 13th ACM conference on Computer and communications security

October 2006

434 pages

ISBN:1595935185

DOI:10.1145/1180405

General Chair:
Ari Juels
RSA Laboratories
,
Program Chairs:
Rebecca Wright
Stevens Institute of Technology
,
Sabrina De Capitani di Vimercati
University of Milan, Italy

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 October 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

CCS06

Sponsor:

CCS06: 13th ACM Conference on Computer and Communications Security 2006

October 30 - November 3, 2006

Virginia, Alexandria, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

115
Total Citations
View Citations
1,224
Total Downloads

Downloads (Last 12 months)45
Downloads (Last 6 weeks)2

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Spata MMaria Russo VOrtis ABattiato S(2025)A New Pipeline for Snooping Keystroke Based on Deep Learning AlgorithmIEEE Access10.1109/ACCESS.2025.353687713(24498-24514)Online publication date: 2025
https://doi.org/10.1109/ACCESS.2025.3536877
Chen PLiu GWang HLuo BLiao XXu JKirda ELie D(2024)Poster: Acoustic Side-Channel Attack on Robot VacuumsProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3691372(5027-5029)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3691372
Wang PHu JLiu CLuo JLuo BLiao XXu JKirda ELie D(2024)RefleXnoop: Passwords Snooping on NLoS Laptops Leveraging Screen-Induced Sound ReflectionProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670341(3361-3375)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670341
Spata MRusso VOrtis ABattiato S(2024)Acoustic Side Channel Attack for Keystroke Splitting in the Wild2024 IEEE International Conference on Metrology for eXtended Reality, Artificial Intelligence and Neural Engineering (MetroXRAINE)10.1109/MetroXRAINE62247.2024.10796234(131-136)Online publication date: 21-Oct-2024
https://doi.org/10.1109/MetroXRAINE62247.2024.10796234
Rodrigues DMacedo GConti MPinto P(2024)A Prototype for Generating Random Key Sounds to Prevent Keyboard Acoustic Side-Channel Attacks2024 IEEE 22nd Mediterranean Electrotechnical Conference (MELECON)10.1109/MELECON56669.2024.10608505(1287-1292)Online publication date: 25-Jun-2024
https://doi.org/10.1109/MELECON56669.2024.10608505
Taheritajar AHarris ZRahaeimehr R(2024)A Survey on Acoustic Side Channel Attacks on KeyboardsInformation and Communications Security10.1007/978-981-97-8798-2_6(99-121)Online publication date: 25-Dec-2024
https://doi.org/10.1007/978-981-97-8798-2_6
Ozkan AKilic BAcarturk C(2024)Keystroke Transcription from Acoustic Emanations Using Continuous Wavelet TransformMachine Learning for Cyber Security10.1007/978-981-97-2458-1_1(1-16)Online publication date: 23-Apr-2024
https://doi.org/10.1007/978-981-97-2458-1_1
Spata MOrtis ABattiato SRusso V(2024)A New Deep Learning Pipeline for Acoustic Attack on KeyboardsIntelligent Systems and Applications10.1007/978-3-031-66329-1_26(402-414)Online publication date: 31-Jul-2024
https://doi.org/10.1007/978-3-031-66329-1_26
Tu YShan LHossen MRampazzi SButler KHei XCalandrino JTroncoso C(2023)Auditory eyesightProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620248(175-192)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620248
Li GArakawa YNakamura YChoi HFukushima SWang W(2023)WatchLogger: Keyboard Typing Words Recognition Based on Smartwatch2023 Fourteenth International Conference on Mobile Computing and Ubiquitous Network (ICMU)10.23919/ICMU58504.2023.10412218(1-6)Online publication date: 29-Nov-2023
https://doi.org/10.23919/ICMU58504.2023.10412218
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Context-free Attacks Using Keyboard Acoustic Emanations

Keyboard Emanations in Remote Voice Calls: Password Leakage and Noise(less) Masking Defenses

Keyboard acoustic emanations revisited

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations