Towards robustness of keyboard-entered authentication factors with thermal wiping against thermographic attacks
Abstract
Many authentication methods use keyboard entry for one of their authentication factors. Keyboards factors have been compromised exploiting physical fingerprints, substances from fingers visible on keys, with acoustic recordings through mobile phones, and through video reflections captured by high-resolution cameras used for video conferencing. Heat transfer from human fingers to keypads is an additional attack channel that has been demonstrated. There are few mitigation measures published against this type of attack. This article summarizes the feasibility of thermographic attacks against computer keyboards and against door pin pads, as well as the efficiency of the scrubbing technique deployed in order to counter thermographic attacks. For this purpose, a series of experiments with small, mobile thermal cameras were carried out. We report findings such as time intervals and other constraints for successful laboratory observation of authentication factors, describe scrubbing methods and report the performance of those methods.
- Citation
- BibTeX
Fritsch, L., Mecaliff, M., Opdal, K. W., Rundgreen, M. & Sachse, T.,
(2022).
Towards robustness of keyboard-entered authentication factors with thermal wiping against thermographic attacks.
In:
Roßnagel, H., Schunck, C. H. & Mödersheim, S.
(Hrsg.),
Open Identity Summit 2022.
Bonn:
Gesellschaft für Informatik e.V..
(S. 15-26).
DOI: 10.18420/OID2022_01
@inproceedings{mci/Fritsch2022,
author = {Fritsch, Lothar AND Mecaliff, Marie AND Opdal, Kathinka W. AND Rundgreen, Mathias AND Sachse, Toril},
title = {Towards robustness of keyboard-entered authentication factors with thermal wiping against thermographic attacks},
booktitle = {Open Identity Summit 2022},
year = {2022},
editor = {Roßnagel, Heiko AND Schunck, Christian H. AND Mödersheim, Sebastian} ,
pages = { 15-26 } ,
doi = { 10.18420/OID2022_01 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
author = {Fritsch, Lothar AND Mecaliff, Marie AND Opdal, Kathinka W. AND Rundgreen, Mathias AND Sachse, Toril},
title = {Towards robustness of keyboard-entered authentication factors with thermal wiping against thermographic attacks},
booktitle = {Open Identity Summit 2022},
year = {2022},
editor = {Roßnagel, Heiko AND Schunck, Christian H. AND Mödersheim, Sebastian} ,
pages = { 15-26 } ,
doi = { 10.18420/OID2022_01 },
publisher = {Gesellschaft für Informatik e.V.},
address = {Bonn}
}
Dateien | Groesse | Format | Anzeige | |
---|---|---|---|---|
proceedings-01.pdf | 1.273Mb | View/ |
Sollte hier kein Volltext (PDF) verlinkt sein, dann kann es sein, dass dieser aus verschiedenen Gruenden (z.B. Lizenzen oder Copyright) nur in einer anderen Digital Library verfuegbar ist. Versuchen Sie in diesem Fall einen Zugriff ueber die verlinkte DOI: 10.18420/OID2022_01
Haben Sie fehlerhafte Angaben entdeckt? Sagen Sie uns Bescheid: Send Feedback
More Info
DOI: 10.18420/OID2022_01
ISBN: 978-3-88579-719-7
ISSN: 1617-5468
xmlui.MetaDataDisplay.field.date: 2022
Language: (en)
Content Type: Text/Conference Paper