[Cryptography] Security of wireless keyboards and mice.
natanael.l at gmail.com
Tue Nov 4 13:17:22 EST 2014
On 4 Nov 2014 18:57, "Phillip Hallam-Baker" <phill at hallambaker.com> wrote:
> Has anyone looked into the security of these devices?
> Given experience with car locks, garage door openers, etc., I am not
> expecting the results to be good.
> The reason my interest was piqued was a journalist inquiring about the
> alleged takeover of a Benghazzzzi conspiracy theorist's laptop. I
> suspect that particular case is most likely explained by the device
> being paired to a bluetooth keyboard that a cat decided to sit on. But
> I have been thinking about the wider case.
> Logitech claim to have 128 bit AES. But what do the doofus vendors use?
One big problem with practically all of them is the timing side channels on
the input. I don't know of a single one that attempts to protect against those. The
standard usage patterns make the timing side channels trivially
exploitable against almost all text. One could probably also identify what
kind of fields you're filling in, the length of your password, and for
consistent hunt-and-peck typists you can probably also use the timing to
identify individual typed letters.
The existence of this side channel is the result of wanting to reduce power
usage by not transmitting when not necessary + wanting to reduce latency
enough to not be noticeable. This means you can't just transmit potentially
kilobyte sized packets every 5-10 milliseconds; too many of these devices
run on crappy batteries that would die too fast.
Improving the batteries, ideally adding solar cells, and going straight for
constant-everything transmission (constant size, constant time, strongly
encrypted so everything just looks like noise) is your best bet. Maybe BLE
would reduce the power usage enough to make this work decently.
From what I remember older Bluetooth ones are mostly crap (bad crypto).
Wouldn't dare to dream that any of the 2.4GHz ones with unspecified
protocols are secure. Doubt they're replay protected, or rekey with
reasonable frequency or anything else like that.
Found one source:
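As an added illustration (not part of the original post or any vendor's firmware) of the two designs discussed above, the following constructed simulation contrasts an on-demand radio, which sends a frame the instant a key is pressed, with a constant-rate radio that sends a fixed-size frame every tick and fills idle ticks with dummies. The frame format, tick period and sample keystroke timings are assumptions; the model only looks at what a passive sniffer sees in timing and size, and assumes the payload is encrypted separately so real and dummy frames are indistinguishable on the air.

```python
from collections import deque
from dataclasses import dataclass
from typing import List, Optional, Tuple

FRAME_LEN = 8  # constructed: every radio frame is padded to this many bytes


@dataclass(frozen=True)
class Frame:
    t_ms: int        # time the frame goes on the air
    payload: bytes   # FRAME_LEN bytes; byte 0 is 1 for a real key, 0 for a dummy


def _pack(key: Optional[str]) -> bytes:
    """Fixed-size report; in a real device this whole buffer would then be encrypted."""
    body = b"\x01" + key.encode() if key else b"\x00"
    return body.ljust(FRAME_LEN, b"\x00")


def on_demand_radio(keystrokes: List[Tuple[int, str]]) -> List[Frame]:
    """Typical low-power design: one frame per keystroke, sent when the key is pressed."""
    return [Frame(t, _pack(k)) for t, k in keystrokes]


def constant_rate_radio(keystrokes, tick_ms: int = 10, duration_ms: int = 500) -> List[Frame]:
    """Mitigation: a frame every tick; a real key waits for the next tick, idle ticks send dummies."""
    pending = deque(sorted(keystrokes))  # (time, key) in press order
    frames = []
    for t in range(0, duration_ms, tick_ms):
        key = pending.popleft()[1] if pending and pending[0][0] <= t else None
        frames.append(Frame(t, _pack(key)))
    return frames


def eavesdropper_view(frames: List[Frame]) -> dict:
    """What a passive sniffer learns without the key: frame count, sizes and inter-frame gaps."""
    times = [f.t_ms for f in frames]
    gaps = [b - a for a, b in zip(times, times[1:])]
    return {"count": len(frames), "sizes": {len(f.payload) for f in frames}, "gaps": gaps}


def receiver_decode(frames: List[Frame]) -> str:
    """Receiver side (after decryption): drop dummy frames, reassemble the typed text."""
    return "".join(f.payload[1:2].decode() for f in frames if f.payload[0] == 1)


if __name__ == "__main__":
    typed = [(3, "p"), (130, "a"), (255, "s"), (400, "s")]  # constructed keystroke times (ms)
    print("on-demand  :", eavesdropper_view(on_demand_radio(typed)))
    print("const-rate :", eavesdropper_view(constant_rate_radio(typed)))
```

The on-demand view exposes the keystroke count and the exact inter-key gaps, while the constant-rate view is identical for any input (including none), at the cost of sending fifty frames instead of four, which is exactly the battery trade-off the post describes.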