Just when you thought your home network was safe, researchers have proven you wrong yet again: researchers from the USA and China have shown that it is possible to accurately detect keystrokes using Wi-Fi signals from an ordinary router.
The proof was demonstrated by researchers at Michigan State University and Nanjing University in China. These researchers showed that it was theoretically possible in environments with minimal signal interference to use the disrupts in a router’s Wi-Fi signals to detect the keys someone is pressing on a laptop. Attackers can then use this data to steal passwords.
This isn’t just some theoretical concept: in the past, researchers have shown you can detect a person’s presence and movements in the room using Wi-Fi signals, or even read hand and lip movements using Wi-Fi signals: so the use of Wi-Fi signals to detect physical movement is well-established in scientific circles.
How to Steal Someone’s Password Using their Wi-Fi Signal Data
Researchers demonstrated the proof as part of an experiment called WiKey, where researchers employed off-the-shelf equipment you can purchase from any electronics store. in this case, they used a Lenovo X200 laptop and a TP-Link Wi-Fi router.
The goal was to detect tiny shifts in Wi-Fi signals using the router’s Multiple-Input and Multiple-Output (MIMO) capabilities. These capabilities refer to a set of functions that allow each of the antennas to send multiple Wi-Fi signals across the same radio channel.
Basically, researchers used these multiple Wi-Fi signals like a scanner, sweeping the room to create a virtual map of the interior. That’s why this procedure only works in small rooms with minimal movement and no human presence (or at least no moving human presence).
Then, once someone enters the room, researchers are able to monitor small shifts in the movements of their hands, fingers, and keys.
Just because you can detect hand motions doesn’t necessarily mean which keys they’re pressing – or does it? Researchers actually did this with up to a 97% accuracy rate: when your fingers reach to press a certain key, they move in a unique formation and direction. Researchers were able to build an algorithm that detected these movements with a 77% to 97.5% accuracy rate.
Up to 97.5% Accuracy Rate
The accuracy rate was much higher when researchers were tracking a slow-typing user in an environment with little other movement.
In environments with lots of movement and a fast typing speed, that accuracy dropped significantly to 77.43% – although that’s still a high enough accuracy rate to at least make an intelligent guess about someone’s password.
Think about your password. If someone knew 75% of it, could they make a reasonable guess about the rest of it? What about 80%? 90%? Unless your password looks like fas9j#$%342, the answer is “probably”.
How It Could Work in the Real World
As far as we know, nobody actually uses this technique in the real world.
However, if they did use this system in the real world, it would be fraught with problems. First, it doesn’t work if there are 2 or 3 other people in the room near the individual being targeted. WiKey can’t distinguish between targets.
Nevertheless, researchers have demonstrated that it’s certainly possible for such attacks to take place – and that’s scary enough.
You can view the entire research paper here. It’s called Keystroke Recognition Using WiFi Signals.