Wi-fi Signals Can Reveal Your Password

There are some things in science that you think are so unbelievable that they are just not possible. So, did you know that you can detect…

Wi-fi Signals Can Reveal Your Password

There are some things in science that you think are so unbelievable that they are impossible. So, did you know that you can detect someone’s breathing and heart rate, even if you are in the next room? Well you can, as breathing and skin movements affect the propagation of wi-fi signals, and the changes in the wi-fi signal can be detected for even the smallest of movements:

As you may know, we also do a great deal in side-channel attacks, such as where the electrical supply of a device can reveal an encryption key [paper]:

In the research work, researchers from Shanghai Jaio Tong University, the University of Massachusetts at Boston, and the University of South Florida have shown that it is possible that a radio signal can reveal your password [here]:

With this, they are able to get the PIN number right for 81.7% of the time the reflections of wi-fi signals. It uses a beam-forming wireless antenna (with Multiple-Input, Multiple-Output — MIMO), and where a radio wave is created to detect movements of a user’s hand. With MIMO, we can receive a signal from several different sources, which sees variations in the wi-fi signal as the user moves their hand and fingers.

For them, CSI is “channel state information”, and relates to hand and finger movements, and in how these can be detected from the propagation of radio waves. The paper analyses the difference between a coverage movement and a click movement. There are then two important touch movements:

  • Oblique touch [Figure 1(b)]. This is a common typing movement when pressing different keys.
  • Vertical touch [Figure 1(c)]. This is where the same key is pressed continuously.
Figure 1: Touch movements

In order to train the system, the system requires a number of key presses on a given key. This produces defined signal patterns which can be analysed for a match:

Figure 2: CSI Amplitude

The researchers were then able to observe the user entering PIN numbers on a number of mobile phones:

and where they were able to determine the numbers pressed (773919):

Overall, they think the attack on PIN numbers and passwords can be launched from a wi-fi hotspot. So, in conclusion, the researchers say that those creating payment apps should randomise their keypad layout to confuse the system.

Conclusion

Like it or not, you disturb the radio waves around you whenever you move around, and others can pick up that movement. So, perhaps you want to shield your PIN number entry in public places, not only from those spying with cameras but from wifi spying.