Timing Attacks on PIN Input Devices

机译：PIN输入设备的定时攻击

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Keypads are commonly used to enter personal identification numbers (PIN) which are intended to authenticate a user based on what they know. A number of those keypads such as ATM inputs and door keypads provide an audio feedback to the user for each button pressed. Such audio feedback are observable from a modest distance. We are looking at quantifying the information leaking from delays between acoustic feedback pulses. Preliminary experiments suggest that by using a Hidden Markov Model, it might be possible to substantially narrow the search space. A subsequent brute force search on the reduced search space could be possible without triggering alerts, lockouts or other mechanisms design to thwart plain brute force attempts.

机译：键盘通常用于输入个人识别码（PIN），该识别码用于根据用户知道的信息对用户进行身份验证。许多这样的键盘，例如ATM输入和门键盘，会为每个按下的按钮向用户提供音频反馈。从适度的距离可以观察到这种音频反馈。我们正在研究量化由于声反馈脉冲之间的延迟而泄漏的信息。初步实验表明，通过使用隐马尔可夫模型，可能有可能大幅缩小搜索空间。可以在减少的搜索空间上进行后续的暴力搜索，而无需触发警报，锁定或其他机制来阻止普通的暴力尝试。

著录项

来源
《17th ACM conference on computer and communications security 2010》|2010年|p.678-680|共3页
会议地点 Chicago IL(US);Chicago IL(US)
作者
Denis Foo Kune; Yongdae Kim;
展开▼
作者单位

CSE Department University of Minnesota;

CSE Department University of Minnesota;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类安全保密;通信;
关键词
keystroke timing; passcode; pin;

机译：击键时间；密码销;

相似文献

外文文献
中文文献
专利

1. Robust security framework with bit-flipping attack and timing attack for key derivation functions [J] . Koh Wen Wen, Chuah Chai Wen Information Security, IET . 2020,第5期

机译：具有位翻转攻击和关键推导功能的定时攻击的强大安全框架
2. A study of ESD protection devices for input pins. Discharge characteristics of diode, lateral bipolar transistor, and thyristor under MM and HBM tests [J] . Ishizuka H., Okuyama K. IEEE transactions on components, packaging, and manufacturing technology. Part C, Manufacturing . 1998,第4期

机译：对输入引脚ESD保护器件的研究。 MM和HBM测试下二极管，横向双极晶体管和晶闸管的放电特性
3. When Human cognitive modeling meets PINs: User-independent inter-keystroke timing attacks [J] . Liu Ximing, Li Yingjiu, Deng Robert H., Computers & Security . 2019,第JANa期

机译：当人类认知模型遇到PIN时：与用户无关的按键间定时攻击
4. Timing Attacks on PIN Input in VoIP Networks (Short Paper) [C] . Ge Zhang, Simone Fischer-Huebner Detection of intrusions and malware, and vulnerability assessment. . 2011

机译：VoIP网络中PIN输入的定时攻击（简短论文）
5. Stepping-stone NEtwork Attack Kit (SNEAK) for evading timing-based detection methods under the cloak of constant rate multimedia streams. [D] . Padhye, Jaideep. 2008

机译：跳板式NEtwork攻击套件（SNEAK），用于躲避恒定速率多媒体流掩盖下的基于定时的检测方法。
6. Timing in the Absence of Supraspinal Input II: Regularly Spaced Stimulation Induces a Lasting Alteration in Spinal Function That Depends on the NMDA Receptor BDNF Release and Protein Synthesis [O] . Kyle M. Baumbauer, John R. Huie, Abbey J. Hughes, 2009

机译：缺少上睑输入II的时机：规则间隔的刺激会导致脊髓功能的持久改变这取决于NMDA受体BDNF释放和蛋白质合成
7. Timing attacks on pin input devices [O] . Denis Foo Kune, Yongdae Kim 2010

机译：引脚输入设备的定时攻击

Timing Attacks on PIN Input Devices

摘要

著录项

相似文献

相关主题

期刊订阅