Next Article in Journal
Gamma Radiation-Induced Effects over an Optical Fiber Laser: Towards New Sensing Applications
Next Article in Special Issue
A Survey on Adaptive Data Rate Optimization in LoRaWAN: Recent Solutions and Major Challenges
Previous Article in Journal
Numerical and Experimental UAV Structure Investigation by Pre-Flight Load Test
Previous Article in Special Issue
Evaluating the Implications of Varying Bluetooth Low Energy (BLE) Transmission Power Levels on Wireless Indoor Localization Accuracy and Precision
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Behavioral Acoustic Emanations: Attack and Verification of PIN Entry Using Keypress Sounds

by
Sourav Panda
1,
Yuanzhen Liu
2,
Gerhard Petrus Hancke
2,* and
Umair Mujtaba Qureshi
2,3
1
Department of Computer Science and Engineering, University of California, Riverside, CA 92521, USA
2
Department of Computer Science, City University of Hong Kong, Hong Kong, China
3
Department of Telecommunication Engineering, Mehran University of Engineering and Technology, Jamshoro 76062, Sindh, Pakistan
*
Author to whom correspondence should be addressed.
Sensors 2020, 20(11), 3015; https://doi.org/10.3390/s20113015
Submission received: 29 April 2020 / Revised: 20 May 2020 / Accepted: 22 May 2020 / Published: 26 May 2020
(This article belongs to the Special Issue Intelligent Industrial Application of Consumer Wireless Technologies)

Abstract

This paper explores the security vulnerability of Personal Identification Number (PIN) or numeric passwords. Entry Device (PEDs) that use small strings of data (PINs, keys or passwords) as means of verifying the legitimacy of a user. Today, PEDs are commonly used by personnel in different industrial and consumer electronic applications, such as entry at security checkpoints, ATMs and customer kiosks, etc. In this paper, we propose a side-channel attack on a 4–6 digit random PIN key, and a PIN key user verification method. The intervals between two keystrokes are extracted from the acoustic emanation and used as features to train machine-learning models. The attack model has a 60% chance to recover the PIN key. The verification model has an 88% accuracy on identifying the user. Our attack methods can perform key recovery by using the acoustic side-channel at low cost. As a countermeasure, our verification method can improve the security of PIN entry devices.
Keywords: side-channel attack; personal identification number; biometric verification; PIN entry device side-channel attack; personal identification number; biometric verification; PIN entry device

Share and Cite

MDPI and ACS Style

Panda, S.; Liu, Y.; Hancke, G.P.; Qureshi, U.M. Behavioral Acoustic Emanations: Attack and Verification of PIN Entry Using Keypress Sounds. Sensors 2020, 20, 3015. https://doi.org/10.3390/s20113015

AMA Style

Panda S, Liu Y, Hancke GP, Qureshi UM. Behavioral Acoustic Emanations: Attack and Verification of PIN Entry Using Keypress Sounds. Sensors. 2020; 20(11):3015. https://doi.org/10.3390/s20113015

Chicago/Turabian Style

Panda, Sourav, Yuanzhen Liu, Gerhard Petrus Hancke, and Umair Mujtaba Qureshi. 2020. "Behavioral Acoustic Emanations: Attack and Verification of PIN Entry Using Keypress Sounds" Sensors 20, no. 11: 3015. https://doi.org/10.3390/s20113015

APA Style

Panda, S., Liu, Y., Hancke, G. P., & Qureshi, U. M. (2020). Behavioral Acoustic Emanations: Attack and Verification of PIN Entry Using Keypress Sounds. Sensors, 20(11), 3015. https://doi.org/10.3390/s20113015

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop