International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Chemical Combinatorial Attacks on Keyboards

Authors:
Eric Brier
David Naccache
Pascal Paillier
Download:
URL: http://eprint.iacr.org/2003/217
Search ePrint
Search Google
Abstract: This paper presents a new attack on keyboards. \smallskip The attack consists in depositing on each keyboard key a small ionic salt quantity ({\sl e.g.} some NaCl on key 0, some KCl on key 1, LiCl on key 2, SrCl$_2$ on key 3, BaCl$_2$ on key 4, CaCl$_2$ on key 5...). As the user enters his PIN, salts get mixed and leave the keyboard in a state that leaks secret information. Nicely enough, evaluating the entropy loss due to the chemical trace turns out to be a very interesting combinatorial exercise. \smallskip Under the assumption that mass spectroscopic analysis can reveal with accuracy the mixture of chemical compounds generated by the user, we show that, for moderate-size decimal PINs, the attack would generally disclose the PIN. \smallskip The attack may apply to door PIN codes, phone numbers dialed from a hotel rooms, computer keyboards or even ATMs. \ss While we did not implement the chemical part of the attack, a number of mass spectrometry specialists confirmed to the authors its feasibility.
BibTeX
@misc{eprint-2003-11930,
  title={Chemical Combinatorial Attacks on Keyboards},
  booktitle={IACR Eprint archive},
  keywords={implementation /},
  url={http://eprint.iacr.org/2003/217},
  note={chemistry attack keyboard combinatorics entropy david.naccache@gemplus.com 12334 received 9 Oct 2003},
  author={Eric Brier and David Naccache and Pascal Paillier},
  year=2003
}