Dictionary attacks using keyboard acoustic emanations

Yigael Berger*, Avishai Wool, Arie Yeredor

*Corresponding author for this work

Research output: Contribution to journalConference articlepeer-review

130 Scopus citations

Abstract

We present a dictionary attack that is based on keyboard acoustic emanations. We combine signal processing and efficient data structures and algorithms, to successfully reconstruct single words of 7-13 characters from a recording of the clicks made when typing them on a keyboard. Our attack does not require any training, and works on an individual recording of the typed word (may be under 5 seconds of sound). The attack is very efficient, taking under 20 seconds per word on a standard PC. We demonstrate a 90% or better success rate of finding the correct word in the top 50 candidates identified by the attack, for words of 10 or more characters, and a success rate of 73% over all the words we tested. We show that the dominant factors affecting the attack's success are the word length, and more importantly, the number of repeated characters within the word. Our attack can be used as an effective acoustic-based password cracker. Our attack can also be used as part of an acoustic long-text reconstruction method, that is much more efficient and requires much less text than previous approaches.

Original languageEnglish
Article number1180436
Pages (from-to)245-254
Number of pages10
JournalProceedings of the ACM Conference on Computer and Communications Security
DOIs
StatePublished - 2006
EventCCS 2006: 13th ACM Conference on Computer and Communications Security - Alexandria, VA, United States
Duration: 30 Oct 20063 Nov 2006

Keywords

  • Dictionary attacks
  • Keyboard acoustics
  • Password cracking

Fingerprint

Dive into the research topics of 'Dictionary attacks using keyboard acoustic emanations'. Together they form a unique fingerprint.

Cite this