acoustic cryptanalysis

Acoustic cryptanalysis is a side channel attack which exploits sounds, audible or not, produced during a computation or input-output operation. In 2004, Dmitri Asonov and Rakesh Agrawal of the IBM Almaden Research Center announced that computer keyboards and keypads used on telephones and automated teller machines (ATMs) are vulnerable to attacks based on differentiating the sound produced by different keys. Their attack employed a neural network to recognize the key being pressed. By analyzing recorded sounds, they were able to recover the text of data being entered. These techniques allow an attacker using covert listening devices to obtain passwords, passphrases, personal identification numbers (PINs) and other security information. Also in 2004, Adi Shamir and Eran Tromer demonstrated that it may be possible to conduct timing attacks against a CPU performing cryptographic operations by analysis of variations in its humming noise. In his book Spycatcher, former MI5 operative Peter Wright discusses use of a similar attack against Egyptian Hagelin rotor cipher machines in 1956. The attack was codenamed "ENGULF".

References

Keyboard Acoustic Emanations, Dmitri Asonov and Rakesh Agrawal, IBM Almaden Research Center, 2004, http://www.almaden.ibm.com/software/quest/Publications/papers/ssp04.pdf. Retrieved March 2, 2005

Word Browser