# Re: audio keyboard snooping

```At 01:37 PM 1/12/01 -0800, Ray Dillinger mentioned:
>interferometry to get the exact locations
>on a keyboard of keystrokes from the sound of someone typing.

Whereupon Perry conjectured:

>A quick contemplation of the wavelength of the sounds in question
>would put an end to that speculation I suspect.

Also At 04:40 PM 1/12/01 -0800, Perry asked:
>Remember your basic science: you can't resolve something smaller than
>half a wavelength. (Well, you can, with certain techniques, but things
>get seriously hairy at that point, and in general the limit is half a
>wavelength.) Given this, it is unlikely that you're going to figure
>out whether the g or the h key was struck. If I'm wrong here, I'd like
>to hear a detailed counterargument or evidence.

So.....

1) Basic assumptions:  What wavelengths should we consider?  Just because a
radio-shack microphone is limited to 20kHz doesn't mean a determined
adversary can't get a microphone with vastly more bandwidth.  The
microphone is not a limitation.

The most fundamental limitation is the risetime of the clicks emitted by
the keyboard.  I'm sure this varies widely from keyboard to keyboard.

2) Basic science:  A time-domain analysis (in terms of risetimes et cetera)
is probably more illuminating than a frequency-domain analysis.

The acoustic propagation time from one key to another is 50 microsec (17.2
mm key spacing, 345 m/s speed of sound) assuming the adversary has a
favorable geometry.  Divide by 2 if you like as an estimate of GDoP
(geometric dilution of precision).  Having a click with a 25 microsec
risetime is certainly not implausible.

Conclusion:  A careful contemplation of the acoustics does not, in general,
rule out this form of eavesdropping.  OTOH a careful spook could buy a
non-clicky keyboard.

3) MORE IMPORTANTLY, the analysis seems a bit pointless, rather like
picking the lock on the side door while the front door stands open.  That
is, if I have a clicky keyboard, it is likely that certain keys emit
systematically different clicks.  Certainly that is true for the keyboard I
am using at the moment.  If we consider these clicks to be the codetext
alphabet, then only a rather simple substitution cipher, with perhaps some
lossy compression, stands between the adversary and my secrets (plaintexts
as well as keys).

```