Jump to: navigation, search

Keystroke Deanonymization

Keystroke Dynamics[edit]

Keystroke biometric algorithms have advanced to the point where it is viable to fingerprint users based on soft biometric traits. This is a privacy risk because masking spatial information, such as the IP address via Tor, is insufficient to anonymize users. [1]

Users can be uniquely fingerprinted based on: [2]

  • Typing speed.
  • Exactly when each key is located and pressed (seek time), how long it is held down before release (hold time), and when the next key is pressed (flight time).
  • How long the breaks/pauses are in typing.
  • How many errors are made and the most common errors produced.
  • How errors are corrected during the drafting of material.
  • The type of local keyboard that is being used.
  • Whether they are likely right or left-handed.
  • Rapidity of letter sequencing indicating the user's likely native language.


A unique neural algorithm generates a primary pattern for future comparison. It is thought that most individuals produce keystrokes that are as unique as handwriting or signatures. This technique is imperfect; typing styles can vary during the day and between different days depending on the user's emotional state and energy level. [3]

Unless protective steps are taken to obfuscate the time intervals between key press and release events, it is likely most users can be deanonymized based on their keystroke manner and rhythm biometrics. Adversaries are likely to have samples of clearnet keystroke fingerprinting which they can compare with "anonymous" Tor samples. At a minimum, users should not type into browsers with Javascript enabled, since this opens up this deanonymization vector. Text should be written in an offline text editor and copied and pasted into the web interface when it is complete.

In addition, users must also disguise their linguistic style to combat stylometric analysis, and be aware of mouse tracking techniques available to adversaries.

Future:


See also:

References[edit]

  1. https://github.com/vmonaco/keystroke-obfuscation
  2. https://en.wikipedia.org/wiki/Keystroke_dynamics
  3. https://en.wikipedia.org/wiki/Keystroke_dynamics

Random News:

Join us in testing our new AppArmor profiles for improved security! (forum discussion)


Impressum | Datenschutz | Haftungsausschluss

https | (forcing) onion
Share: Twitter | Facebook | Google+

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)