Software giant Microsoft still has to act regarding the potential dangers of insufficient wireless keyboard security. Microsoft, which produces millions of keyboards and input devices each year, has yet to acknowledge the threat which was originally discovered over two years ago.

The vulnerability is essentially a man-in-the middle attack, which uses a hidden receiver to secretly record keystrokes on the 27MHz wireless frequency. With little more than a PCB and software, it can decrypt keystrokes in real time.

This attack intercepts wireless transmissions from Microsoft keyboards which use a redundant XOR 8-bit encryption algorithm.  This encryption algorithm has been vulnerable to cryptographic attack for some time, and an 8-bit key is insufficient to protect data.

The hardware used to carry out this attack was essentially a Texas instruments wireless receiver, controlled by an 8-bit controller. The price of purchasing such equipment is minimal, and the software required is freely available online.

Because of this, it is possible to construct a PCB type interface to remotely intercept and decrypt keyboard traffic for just a few dollars. Potential attackers need only walk past an affected keyboard to execute this attack. With increased adoption rates of wireless peripherals, more people are at risk than ever before.

Security is as strong as its weakest link. As a result of Microsoft’s use of light-weight cryptography in protecting key strokes, there are potentially millions of keyboards at risk. The only solution for industries that depend on wireless technology is to move towards more advanced Bluetooth technology, in order to minimize the risks of cryptographic attack.

However, more advanced side-channel attacks will still be a possibility for attackers, as even wired keyboards are vulnerable to techniques that exploit electromagnetic emissions.