Monday, 17 November 2008

So you think that your wired keyboard is secure?

We like to state that wireless keyboards are not safe. However, what do you do when the alternative is also insecure. The ability to capture keystrokes through the EMR (Electromagnetic Radiation) monitoring of wired PS/2, universal serial bus and laptop keyboards has been demonstrated.

Martin Vuagnoux and Sylvain Pasini of Security and Cryptography Laboratory at Ecole Polytechnique Federale de Lausanne demonstrated capturing the keystrokes as they were entered into a standard keyboard. They used a large antenna about 20 to 30 feet away in an adjacent room. The method can be used more than 65 feet (20 metres) distant.

This is not new. Tempest hardening standards have been around for decades. It just seems we forget the old stuff...

The US Tempest standards include:

  • NATO SDIP-27 Level A (formerly AMSG 720B) and USA NSTISSAM Level I
  • NATO SDIP-27 Level B (formerly AMSG 788A) and USA NSTISSAM Level II
  • NATO SDIP-27 Level C (formerly AMSG 784) and USA NSTISSAM Level III
  • NATO SDIP-29 (formerly AMSG 719G)
  • AMSG 799B
  • "NATO Zoning Procedures"

For those who believe that this is an expensive and sophisticated attack, Wim van Eck successfully demonstrated an eavesdropping attack against a CRT monitor at a range of hundreds of metres. This was completed using a set of low end electronic gear costing $15 and a television set.

Van Eck phreaking was the result.

No comments: