Authors: Kyungroul Lee, Kwangjin Bae, Kangbin Yim

Abstract:

This paper introduces a hardware solution to password exposure problem caused by direct accesses to the keyboard hardware interfaces through which a possible attacker is able to grab user-s password even where existing countermeasures are deployed. Several researches have proposed reasonable software based solutions to the problem for years. However, recently introduced hardware vulnerability problems have neutralized the software approaches and yet proposed any effective software solution to the vulnerability. Hardware approach in this paper is expected as the only solution to the vulnerability

Keywords: Keyboard sniff, password exposure, hardware vulnerability, privacy problem, insider security.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1059495

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1527

References:

[1] Taeyoung Jung, Kangbin Yim, "Countermeasures to the Vulnerability of the Keyboard Hardware," Journal of the Korea Information Security and Cryptology, Vol. 18, No. 4, pp.187-194, Aug., 2008.
[2] Kwangjin Bae, Kangbin Yim, "Analysis of an Intrinsic Vulnerability on Keyboard Security," Journal of the Korea Information Security and Cryptology, Vol. 18, No. 3, pp.89-95, Jun., 2008.
[3] Kangbin Yim, "A fix to the HCI specification to evade ID and password exposure by USB sniff," Proceedings of APIC-IST 2008, pp.191-194, 2008.12.18-19.
[4] Taeyoung Jung, Kangbin Yim, "A new image-based login method against keyboard sniff," Review of the Korea Information Security and Cryptology, Jun., 2008.
[5] Kangbin Yim, "Keyboard Security," Workshop on Ubiquitous Information Security, May, 2008.
[6] Linda D. Paulson, Key "Snooping Technology Causes Controversy," IEEE Computer, pp.27, Mar. 2002.