Microsoft’s Wireless Keyboards Encryption Cracked

Dreamlab Technologies claims that it has cracked the encryption used by Microsoft’s wireless keyboards and its base station. As a result, Dreamlab can now sniff all keystrokes sent from Microsoft’s keyboards on the 27 MHz band.

Dreamlab Technologies was able to tap and decode the radio frequencies by using just a simple radio receiver, a sound card, and some suitable software. Keyboards that use Bluetooth for communication are not affected by this flaw.

According to Heise Security:

“Max Moser and Philipp Schrodel say that decryption was very easy because the devices use a simple XOR mechanism for encryption and the keys are only one byte long. They claim that even a PDA with a slow ARM-CPU would have derived the combination quickly. Aside from not using such keyboards, there is no workaround. Microsoft has yet to react to the Swiss firm’s announcement.”

The eavesdropping was done at a distance of 10m using standard equipment, which isn’t so bad. The concern is that with appropriate technical equipment, larger distances are possible.

You can read the press release (pdf) or the whitepaper (pdf) for more information about the exploit.

TAGS: decryption, encryption, keystrokes, microsoft, wireless keyboards

Written by admin with no comments.
Read more articles on security.

• [+] Digg: Feature this article
• [+] Del.icio.us: Bookmark this article
• [+] Furl: Bookmark this article

Related articles

• Take advantage of the pinned items list in the XP Start Menu (June 19th, 2008)
• Sensing more about what’s coming in Windows 7 (June 19th, 2008)
• Cautionary tale: How a misconfigured laptop ruined a worker’s life (June 19th, 2008)
• Vista’s big problem: 92 percent of developers ignoring it (June 17th, 2008)
• Windows Vista - Work In Progress (April 21st, 2008)