FM's Operation Graduation

Imagine that you are working over a perfectly secure network with nobody in the middle, no key loggers, sniffers or any other sort of spyware over the local workstation or in the communication channel. Can you be sure that no information will be exposed?

Think again. Snooping at the digital level is not the only way to sniff at computing activity. The sound that your fingers make while touching the keyboard, emissions from your monitor and the noise from your printer, CPU and hard disk can be used to find out what you are doing at your PC.

The amazing technology which makes this possible is called Acoustic Cryptanalysis in which computation sounds during input-output processes are analysed. Generally, such attacks are called side channel attacks, as they exploit seemingly secure systems for unintentional interesting leakages. Recall how people can recognise on the phone which number is pressed by differentiating the individual sounds. In a similar way, when we punch in particular words using the keyboard, a distinct sound pattern is generated because each key has a distinct sound attached to it which can be analysed. If repeated probes are possible, the well-established algorithms of machine learning and statistical methods can be applied to correctly reproduce up to 90 per cent of the typed text.

Asonov and Agrawal are credited with experimentally showing how this works and later on other researches followed up on their work, enhancing the techniques and methodologies. Let us take a brief look at how this works.

To a human ear, each key sounds the same. But when their direct frequency spectrum recording is examined using a simple PC microphone, several subtle distinguishing features are discovered. Notably, there are two distinctive peaks in the keyboard sound spectrum.

The first one comes at the time of the push, called "push peak", and the second at the time of key release, known as "release peak". These readings, called features, are then normalised between 0 and 1 so that they may be used as input data for a neural network which records the sound differences with continuous inputs, say, pressing each key 100 times as sample training data.

Experimentation showed that touch peak was best suited to show the vulnerability of keyboards. Once the neural network is trained with keys and their corresponding features, it can successfully detect typed input to the tune of more than 90 per cent, much on the lines of known plain text cryptographic attack.

This is not only true in the case of normal PCs but also for notebooks, ATM machines and telephone pads, which means PINs and other identification information can also be sniffed by simple and inexpensive acoustic cryptanalysis that requires just a mike and a programmed application.