Thermanator and the Thermal Residue Attack

Presented at Black Hat Europe 2018, Dec. 6, 2018, 4 p.m. (25 minutes)

As warm-blooded mammals, humans routinely leave thermal residue on various objects with which they come in contact. This includes common input devices, such as keyboards, that are used for entering (among other things) secret information: passwords and PINs. Although thermal residue dissipates over time, there is always a certain time window during which thermal energy readings can be harvested from input devices to recover recently entered, and potentially sensitive, information.

To date, there has been no systematic investigation of thermal profiles of keyboards, and thus no efforts have been made to secure them. This is the main motivation for designing Thermanator -- a framework for password harvesting from keyboard thermal emanations. In this talk, we introduce Thermanator and show that several popular keyboards by different manufacturers are vulnerable to thermal side-channel attacks. Thermanator allows us to correctly determine entire passwords tens of seconds after entry, as well as greatly reduce password search. The latter is effective even as late as 60 seconds after password entry.

Furthermore, we show that thermal side-channel attacks work from as far as several feet away. Our results are based on extensive experiments conducted with a multitude of subjects using several common keyboards and many representative passwords.

We demonstrate thermal side-channel attacks using a thermal (FLIR) camera. We also describe a very realistic "Coffee-Break Attack" that allows the adversary to surreptitiously capture a victim's password via the thermal side-channel in a realistic multi-user office setting or in a public space.


Presenters:

  • Tyler Kaczmarek - Mr., UC Irvine
    Tyler is a fifth-year Ph.D. student at the University of California, Irvine working in applied cryptography under Gene Tsudik. His current research deals with Usable Security, particularly the prevalence of user errors in the presence of adversarial noise across multiple sensory inputs. He is also developing a technique for passive deauthentication based on biometric data. In the long term, he is interested in the development and evaluation of usable security protocols for Internet of Things (IoT) devices. In the past, he has worked on the development and deployment of an accessible, coercion-resistant voting machine.
  • Gene Tsudik - Dr., UC Irvine
    Gene Tsudik is a Chancellor's Professor of Computer Science at the University of California, Irvine (UCI). He obtained his PhD in Computer Science from USC in 1991. Before coming to UCI in 2000, he was at IBM Zurich Research Laboratory (1991-1996) and USC/ISI (1996-2000). His research interests include many topics in security, privacy and applied cryptography. Gene Tsudik is a Fulbright Scholar, Fulbright Specialist (twice), a fellow of ACM, a fellow of IEEE, a fellow of AAAS, and a foreign member of Academia Europaea. From 2009 to 2015 he served as Editor-in-Chief of ACM Transactions on Information and Systems Security (TISSEC, renamed to TOPS in 2016). Gene was the recipient of the 2017 ACM SIGSAC Outstanding Contribution Award. He is also the author of the first crypto-poem published as a refereed paper. He suffers from two incurable academic diseases: "Research ADHD" and "Munchausen-without-Proxy".
  • Ercan Ozturk - Mr., UC Irvine
    Ercan is a second-year graduate student pursuing his Ph.D. degree in Computer Science at UC Irvine under the supervision of Gene Tsudik. His research interests include Applied Cryptography, Computer & Network Security and Privacy. He previously interned at Yahoo (2017), Comodo (2015) and NUI Galway (2014) and worked in Data Mining (2015) and Big Data (2016) labs at TOBB ETU and PEL (2014) at NUI Galway. He is currently interning at Google (2018).
