Paper 2003/217

Chemical Combinatorial Attacks on Keyboards

Eric Brier, David Naccache, and Pascal Paillier

Abstract

This paper presents a new attack on keyboards. \smallskip The attack consists in depositing on each keyboard key a small ionic salt quantity ({\sl e.g.} some NaCl on key 0, some KCl on key 1, LiCl on key 2, SrCl$_2$ on key 3, BaCl$_2$ on key 4, CaCl$_2$ on key 5...). As the user enters his PIN, salts get mixed and leave the keyboard in a state that leaks secret information. Nicely enough, evaluating the entropy loss due to the chemical trace turns out to be a very interesting combinatorial exercise. \smallskip Under the assumption that mass spectroscopic analysis can reveal with accuracy the mixture of chemical compounds generated by the user, we show that, for moderate-size decimal PINs, the attack would generally disclose the PIN. \smallskip The attack may apply to door PIN codes, phone numbers dialed from a hotel rooms, computer keyboards or even ATMs. \ss While we did not implement the chemical part of the attack, a number of mass spectrometry specialists confirmed to the authors its feasibility.

Metadata
Available format(s)
PDF PS
Category
Implementation
Publication info
Published elsewhere. chemistry attack keyboard combinatorics entropy
Contact author(s)
david naccache @ gemplus com
History
2003-10-09: received
Short URL
https://ia.cr/2003/217
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2003/217,
      author = {Eric Brier and David Naccache and Pascal Paillier},
      title = {Chemical Combinatorial Attacks on Keyboards},
      howpublished = {Cryptology {ePrint} Archive, Paper 2003/217},
      year = {2003},
      url = {https://eprint.iacr.org/2003/217}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.