
Re: Trojan Keyboard Driver (was Re: Viewing Current Password)



* James Moore <jim.moore@firelinedsl.com> [001209 09:38]:
> Of course these techniques are available to others as well... which 
> brings me finally to the point of this post: I don't suppose there's 
> much that can be done in the OS for an external hardware-based keyboard 
> sniffer, but what are some reasonably effective defense mechanisms 
> against a trojan'd keyboard driver or keystroke logger? 

There sure is, though I don't think any exist at the moment, nor would
many people like the cost.

The gist is -- keyboards are dumb. They need to be smart. Putting a
cryptosystem atop the protocol between keyboard and computer would
defeat this particular attack (it sounds like they used the commercial
keyghost device ;) if the cryptosystem were strong enough. If the
keyboard had a smart card reader, and could interface with the smart
card to retrieve a session key shared between the smart card and
computer host (either using public key encryption, or some very crafty
symmetric algorithm :) then one would know the cable is safe. If the
decryption is done by the cpu, that would make attacks against the
motherboard much more difficult.

Also, the keyboard keys themselves would need to be protected. 101 keys
on a keyboard can be rearranged 101! different ways, so if the smart
card could also change the keyboard layout (internal to the encryption
chip on the keyboard) for each session (randomly of course :), the smart
card is left as the most vulnerable point.

Is it perfect? Nope. Is it expensive? Quite probably, though it sounds
like a fun thing to try to put together some day. :)


-- 
``Oh Lord; Ooh you are so big; So absolutely huge; Gosh we're all
really impressed down here, I can tell you.''
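
A sketch of the encrypted keyboard-to-host link proposed in the message above, added here as an illustration and not code from the original post. The frame layout, the `Keyboard` and `Host` classes, and the HMAC-SHA256 construction are assumptions of this example; the session key is generated locally where the post has it come from the smart card.

```python
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 8  # truncated HMAC tag length in bytes (assumed for this sketch)

def _prf(key: bytes, label: bytes, counter: int, data: bytes = b"") -> bytes:
    """HMAC-SHA256 over label || 64-bit counter || data."""
    msg = label + struct.pack(">Q", counter) + data
    return hmac.new(key, msg, hashlib.sha256).digest()

class Keyboard:
    """Sender side: encrypts and authenticates each scancode."""
    def __init__(self, session_key: bytes):
        self.key, self.counter = session_key, 0

    def press(self, scancode: int) -> bytes:
        self.counter += 1  # a counter value is never reused within a session
        ct = bytes([scancode ^ _prf(self.key, b"enc", self.counter)[0]])
        tag = _prf(self.key, b"mac", self.counter, ct)[:TAG_LEN]
        return struct.pack(">Q", self.counter) + ct + tag

class Host:
    """Receiver side: checks the tag, rejects replays, then decrypts."""
    def __init__(self, session_key: bytes):
        self.key, self.last = session_key, 0

    def receive(self, frame: bytes) -> int:
        if len(frame) != 9 + TAG_LEN:
            raise ValueError("malformed frame")
        counter = struct.unpack(">Q", frame[:8])[0]
        ct, tag = frame[8:9], frame[9:]
        expected = _prf(self.key, b"mac", counter, ct)[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad tag")
        if counter <= self.last:
            raise ValueError("replayed frame")
        self.last = counter
        return ct[0] ^ _prf(self.key, b"enc", counter)[0]

def demo():
    key = secrets.token_bytes(32)  # stands in for the smart-card session key
    kb, host = Keyboard(key), Host(key)
    frames = [kb.press(0x1E) for _ in range(3)]  # same key pressed three times
    decoded = [host.receive(f) for f in frames]
    return frames, decoded
```

A device on the cable sees a different ciphertext and tag for every press of the same key, and a recorded frame is rejected when played back. Keystroke timing is still visible on the wire, and nothing here protects the scancode once the host has decrypted it.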