Hacking Of External Devices Computer Science Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Network security is a never-ending battle between system design engineers and computer hackers. In an effort to keep the hackers out, engineers have developed an impressive array of encryption algorithms, authentication protocols and intrusion detection systems. The hackers have developed equally impressive ways of bypassing the security walls.

However, both groups have continued to overlook one of the most vulnerable links in any computer network: the client's keyboard. Keyboards are still the input device of choice for computers. A lot of "sensitive" information, such as usernames, passwords and credit card information, passes through them.

All keyboards perform the basic function of decoding keystrokes into the appropriate binary code that is read by the CPU. A small, easily purchased capture device can be attached to the computer's keyboard port and remain there for weeks, storing decoded keystrokes directly from the keyboard and revealing the sensitive information to the hacker. Thus the potential danger of having our network passwords and other important data stolen is always lurking.

So far, there hasn't been a single wired keyboard that provides a solution to this problem, probably because this threat has been overlooked.

Encrypting the data before transferring it through the port and decrypting it afterwards solves this threat. The first part of this paper looks in detail at keyboard capture devices and their threats to security. The remaining half presents our ideas for securing the keyboard. If this is a success, then we could probably produce the first fully secured wired keyboard.

INTRODUCTION:

Anyone with a flash memory and a microcontroller can easily build a capture device for a keyboard. However, this has been further simplified by the introduction of a key catcher device that is actually meant to deter employees from visiting personal web pages during office hours or a child from visiting adult sites. Such a device could also be installed in an ATM or a bio-authentication center.

In this paper, we have tried to deal with this threat and propose a possible solution to it. The basic idea that immediately comes to mind is to encrypt the data that passes through the port. Using embedded encryption to protect a network link is nothing new. Various encryption algorithms are available to encrypt internet packets. However, our goal is to implement an embedded encryption system that provides a secure link between the keyboard and the host and prevents the installation of unauthorized spy keyboards that may contain hidden transmitters.

BRIEF DESCRIPTION OF THE KEYBOARD:

Inside every keyboard is a matrix of pressure sensitive pads and a microprocessor that continuously scans for a key stroke. Depressing a key causes the microprocessor to send the appropriate "make code" to the host, while releasing the key will send the appropriate "break code".

For example, a PS/2 keyboard will transmit 0x1C when A is pressed and 0xF01C when released. The processor in a keyboard has to understand several things that are important to the utility of the keyboard, such as:

Position of the key in the key matrix.

The amount of bounce and how to filter it.

The speed at which to transmit the typematics.

FROM KEYBOARD TO COMPUTER:

As you type, the processor in the keyboard is analyzing the key matrix and determining what characters to send to the computer. It maintains these characters in a buffer of memory that is usually about 16 bytes large. It then sends the data in a stream to the computer via some type of connection.

PS/2 Keyboard Port.

The most common keyboard connectors are:

5-pin DIN (Deutsche Industrie Norm) connector

6-pin IBM PS/2 mini-DIN connector

4-pin USB (Universal Serial Bus) connector

internal connector (for laptops)

Normal DIN connectors are rarely used anymore. Most computers use the mini-DIN PS/2 connector. No matter which type of connector is used, two principal elements are sent through the connecting cable. The first is power for the keyboard. Keyboards require a small amount of power, typically about 5 volts, in order to function. The cable also carries the data from the keyboard to the computer.

THREATS OF LEAKAGE OF SENSITIVE INFORMATION (KEYBOARD INPUT):

One can assume that getting physical access to the inside of the keyboard or host would be impractical for an attacker. For instance, a secure keyboard could be sealed shut with epoxy and the host's case could be protected with a lock. True, these assumptions are not foolproof, but they are reasonable. After all, coming to a computer lab with a pair of bolt cutters is more likely to arouse suspicion than discreetly attaching a keystroke capture device to the keyboard port at the back of the computer.

The online market has made the purchase of these keystroke capture devices much simpler. Here we have shown one such model that is currently available in the market for less than Rs.4500. These pictures were found on the internet while searching. These pictures are from www.keystroke-loggers.staticusers.net

The KeyKatcher is a hardware device that logs activity as it is performed on the keyboard. The device works with any PS/2 keyboard and is not dependent on the operating system, because no software is required to interact with the hardware.

The KeyKatcher records up to 32,000 bytes (keystrokes) in the 33k model or 64,000 bytes (key strokes) in the 64k model. Even if the device is unplugged from the keyboard it will still remember EVERYTHING and you won't lose a single keystroke.

Interacting with the keystroke logger is simple, and can be done from any PS/2 compatible keyboard/computer. Type the pass phrase which was set (for first-time users the pass phrase is 'keykatch') and the menu will be displayed. You can navigate through the menus by typing the number corresponding to the command.

For example, to view memory press '1'. It could display something like:

"Cit eee the need for security is always increasing". This means that the user logged in under the user name cit, whose password is eee.

If you own a credit card then clicking this icon is the only thing that you would have to do to get this device.

KeyKatcher 32k: $56.00

KeyKatcher 64k: $76.00

KeyKatcher 128k: $99.00


BYPASSING THE KEYKATCHER:

We have worked on how to bypass this KeyKatcher. The basic idea that we had was to send information through this device in an incomprehensible and unintelligible format. Thus we resorted to encryption. The two techniques that could be used are:

1. Using an extra microprocessor in the keyboard and in the host. We'll call this TYPE I (the two-microprocessor method).

2. Introducing a microprocessor in the keyboard and using a decryption algorithm in the BIOS. We'll call this TYPE II (the single-microprocessor method).

TYPE I:

As discussed earlier, decoding in a keyboard is done by a microprocessor. We can introduce a second microprocessor and load it with an assembly program that encrypts based on any algorithm of our choice.

We can employ another microprocessor in the host which would do the process of decoding based on the same algorithm. Thus only the encrypted data is stored in the KeyKatcher device.

The most obvious disadvantage of this method is the fact that we have to use more devices i.e., the two extra microprocessors. This would increase the cost of the keyboard.

TYPE II:

The microprocessor in the keyboard can be replaced with a new one which performs the translation and then the encryption. The result is passed on to the CPU. We can load decrypting software in the BIOS. Thus the data remains in an unintelligible format while it is passing through the KeyKatcher (if one has been planted).

The obvious advantage of this technique is the fact that the number of components used remains minimal. The disadvantage in this method is that all the present keyboard microprocessors are rendered useless.

[Figure: A simple block diagram representation. Blocks: keyboard (encryption), KeyKatcher, input port, decryption in BIOS through software.]

ENCRYPTION ALGORITHM:

The choice of the encryption algorithm in itself presents a problem. A wrong choice would quite blatantly lead to a security breach. A schematic of one algorithm that we have implemented is shown:

We have divided the 8 bits into two parts, R0 and L0. We can then use a number of function keys (to encrypt to the required degree). Here we will see the implementation of two function keys.

The two encrypted halves are R2 and L2. Decryption requires little additional code, since the cipher text is passed through the ladder network with the functions in the reverse order.

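[Figure: Ladder network. Encryption: L0 and R0 pass through two XOR stages keyed with Key1 and Key2, giving L1, R1 and then L2, R2. Decryption: L2 and R2 pass through the same stages with Key2 and then Key1, giving L0 and R0.]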

As seen from the schematic, we have used two function keys. However the number can be increased to suit the complexity. A minimum of two function keys are required as only then both the halves are encrypted. The algorithm is only a simple one and merely serves as an example.

WHERE DOES THE ALGORITHM FAIL?

Although the algorithm does not fail abruptly, it has a major drawback: identical blocks of code are always encrypted in the same way. This leads to a situation where a hacker can spend some time to understand the scheme and find out the key(s) by trial and error.

To avoid this, we can resort to standard encryption techniques such as the Vigenère cipher. Here, a block of code occurring a second time would be encrypted in a different fashion. However, as the Vigenère cipher requires a lot of memory, it could drastically affect performance, i.e., the keyboard response rate.

REPLAY ATTACK:

After using this algorithm, the encrypted data is still stored in the KeyKatcher. The hacker can use the same host, which uses the same decryption technique, and since the memory contains chunks of valid encrypted data, it can be replayed into the CPU, where it would be decrypted correctly. This is represented pictorially below:

[Figure: Replay attack. Encryption: A and B are encrypted with the encrypt key to X and Y. Decryption: X and Y are decrypted with the decrypt key to A and B, and the replayed packets X and Y decrypt to A and B again.]

KEY CHANGING TECHNIQUE:

We can resort to changing the key every time a byte is encrypted. By having the same algorithm in practice in both the BIOS and the keyboard we can have synchronization between them. Using a different key for each encryption prevents repetition and replaying packets to the host fails because the incorrect key is used for the decryption.

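[Figure: Key changing. Encryption: A with Encrypt [Key] gives X, B with Encrypt [Key+1] gives Y. Decryption: X with Decrypt [Key] gives A, Y with Decrypt [Key+1] gives B. The replayed packets X and Y meet Decrypt [Key+2] and Decrypt [Key+3] and give ?, ?.]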

FAILURE OF THE CHANGING KEY TECHNIQUE:

The chief disadvantage is that if a packet is lost, the keyboard and the host will be out of synchronization on which key to use and will thus lose the ability to communicate.

For instance, consider the case where a hacker employs the replay attack technique. The keystrokes are not correctly decrypted, as the key has changed. The disappointed hacker leaves and then the administrator arrives. The BIOS cannot distinguish between a replay attack and a keystroke, so the BIOS key will have been incremented further to a new value, as it counts each replayed byte as another keystroke. But the keyboard encryption key would still be at its old value, because it has not encrypted any new keystrokes.

Result: Further communication between the keyboard and the CPU is impossible.

[Figure: Failure of the changing key technique. After the replayed packets X and Y have used Decrypt [Key+2] and Decrypt [Key+3], new keystrokes A and B are encrypted with Encrypt [Key+2] and Encrypt [Key+3] but decrypted with Decrypt [Key+4] and Decrypt [Key+5], giving ?.]

THE TECHNIQUE OF USING FEEDBACK (A POSSIBLE SOLUTION):

The most probable conclusion that one could arrive at, at this juncture, is to have a handshake between the BIOS and the encryption microprocessor. If the BIOS were to send a signal every time it decrypts a byte, this signal could be used to control a counter. In turn, this counter can play the role of the encryption key, or help decide the encryption key in more complicated systems. Thus there would be definite synchronization between the BIOS and the keyboard.

[Figure: Block diagram with feedback. Blocks: keyboard, counter (pulse, enable), comparator comparing [count-1] and [count], KeyKatcher, input port, decryption key in BIOS through software, output.]

There may also be a case where another key may appear for encryption while the penultimate key is getting decoded. To avoid this problem we have provided a comparator circuit which would give a positive pulse only when the count changes.

Implementing the solution with the above mentioned algorithm we get the following:

[Figure: Ladder network with feedback. Encryption and decryption as before, with Key1+count and Key2+count as the keys; a comparator comparing [count-1] and [count] drives the enable signal.]
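The ladder algorithm, the replay attack, the changing-key failure and the feedback counter described above, combined in one added example (it is not code from the essay). The round function F(r, k) = r XOR k, the master keys 0x9 and 0x4, and every function name are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define KEY1 0x9u /* constructed master keys, not from the essay */
#define KEY2 0x4u

/* Two-round ladder over one byte split into 4-bit halves. Round function
 * F(r, k) = r XOR k is an assumption. Output halves are swapped, so
 * decryption is the same routine with the two keys in reverse order. */
static uint8_t ladder(uint8_t b, unsigned ka, unsigned kb) {
    uint8_t l = b >> 4, r = b & 0x0F, t;
    t = r; r = (uint8_t)(l ^ ((r ^ ka) & 0x0F)); l = t;   /* round 1 */
    t = r; r = (uint8_t)(l ^ ((r ^ kb) & 0x0F)); l = t;   /* round 2 */
    return (uint8_t)((r << 4) | l);
}

/* Per-byte keys are Key1+count and Key2+count, as in the essay's diagram. */
static uint8_t kb_encrypt(uint8_t sc, unsigned n) { return ladder(sc, KEY1 + n, KEY2 + n); }
static uint8_t host_decrypt(uint8_t c, unsigned n) { return ladder(c, KEY2 + n, KEY1 + n); }

struct link { unsigned kb_count, host_count; int feedback; };

/* Keyboard: without feedback it steps its own counter per keystroke. */
static uint8_t kb_send(struct link *ln, uint8_t sc) {
    uint8_t c = kb_encrypt(sc, ln->kb_count);
    if (!ln->feedback) ln->kb_count++;
    return c;
}

/* Host: cannot tell replayed from genuine bytes, so it decrypts and steps
 * either way. With feedback, its pulse steps the keyboard counter too. */
static uint8_t host_receive(struct link *ln, uint8_t wire) {
    uint8_t p = host_decrypt(wire, ln->host_count++);
    if (ln->feedback) ln->kb_count++;
    return p;
}

/* Type 0x1C ('A'), replay the captured byte, then type 0x32 ('B'). Returns 1
 * if the keystroke typed after the replay still decrypts correctly. */
static int survives_replay(int feedback, uint8_t *replayed_plain) {
    struct link ln = {0, 0, feedback};
    uint8_t captured = kb_send(&ln, 0x1C);           /* what a logger stores */
    host_receive(&ln, captured);                     /* genuine delivery */
    *replayed_plain = host_receive(&ln, captured);   /* replayed copy */
    return host_receive(&ln, kb_send(&ln, 0x32)) == 0x32;
}

int main(void) {
    uint8_t p;
    int plain = survives_replay(0, &p), fb = survives_replay(1, &p);
    printf("in sync after replay: no feedback=%d, feedback=%d (replay read as 0x%02X)\n", plain, fb, p);
    return 0;
}
```

With 4-bit halves the per-byte keys repeat every 16 keystrokes, so the counter alone only postpones the repetition problem described under "WHERE DOES THE ALGORITHM FAIL?".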

KEY CONCERNS:

It is evident that the encryption schemes mentioned are symmetric and require that both ends of the embedded system have the same key. In the two-microprocessor method, a unique Master key can be loaded into each pair of microprocessors during the programming phase.

We can design the individual encryption and decryption keys with this Master key as a base and the counter value as a parameter. So without this secret Master key, a capture device cannot read the packets from the keyboard and an unauthorized keyboard cannot talk to the host.

However, replacing the keyboard would require installing a new microprocessor. This is an obvious disadvantage for any commercial product. Under the TYPE II model, a person authorized to access the protected BIOS setup could change the Master key without having to physically replace any hardware.

TO RETAIN THE USE OF THE KEYKATCHER:

As discussed earlier, the keykatcher is also useful in some cases viz. tracking a suspected employer, preventing a child from entering an adult web site, etc. Thus by changing all the keyboards we are actually killing the market of one intelligent product.

To retain the use of this device we can make a small alteration. We can introduce two modes in the BIOS decryption software. In Mode 0 (which is the default mode) we would employ the algorithm that we have discussed. In Mode 1 we can disable the counter and comparator circuit in the keyboard. But this can be done only by the Administrator, who can access the protected BIOS setup.

THE FINAL BLOCK DIAGRAM:

[Figure: Block diagram of the protection system against keyboard hardware hacking devices. Blocks: keyboard, encrypt key, counter, comparator comparing [count-1] and [count], KeyKatcher, input port, mode, decryption key in BIOS through software, output.]

FUTURE PROSPECTS:

Wireless keyboards will take over from wired keyboards. In wireless keyboards the data is sent as a modulated radio signal to the host. A KeyKatcher placed in the proximity could trap the radio signals, demodulate them and store them. So we can employ the above encryption algorithms to send encrypted signals through the air, thus securing our information.

CONCLUSION:

Keyboards are not the only peripherals that need a secure connection to the host. As fingerprint scanners and other biometric identification devices become the de facto standard for authentication, encryption will be needed to prevent theft or replay of users' biometric signatures. Even though these hardware capture devices pose a huge danger to computer networks, it may unfortunately take a massive and financially paralyzing security breach at a big university or company before that danger is perceived within the network security community.
