audio cipher channels · paper III of VI

Acoustic Side Channelsread the leak · the secret nobody sent

The first two channels were transmitters — you hid a message, or you emitted one. This one has no sender at all. The secret escapes on its own, because a machine's incidental sound is quietly correlated with its internal state: which key you struck, which bit the cipher just multiplied. The attacker only listens. And what leaks, more often than anything, is the key.

① the lineage

THE INVOLUNTARY-LEAK LINE — the machine telling on itself ENGULF 1956 cipher-machine clicks ASONOV–AGRAWAL 2004 keyboard emanations BACKES 2010 printer sound → text GENKIN+ 2013–14 RSA key from coil whine DEEP-LEARN 2023 typing, over a call From a bugged embassy phone counting rotor clicks to a neural net reading your password off a Zoom call — same physics: the work makes a sound shaped like the secret.
note. Genkin–Shamir–Tromer (2013, published 2014) pulled a full 4096-bit RSA key from a laptop's faint coil/capacitor whine during decryption — with a phone beside it, or a mic up to 4 m away.

② the demo — type a secret, hear it leak

Type into the box and press type it: each key plays its own faint click. Then press eavesdrop — a listener that never saw the keyboard reads the sound of each click, matches its spectral fingerprint to a key, and reconstructs what you typed.

type a phrase (letters & spaces), play it, then recover it from sound

③ the family of leaks

keyboard emanationsEvery key sounds a hair different — its spot on a faintly flexing board. Asonov & Agrawal trained a net to read keystrokes; by 2023, deep models recover typing from a phone mic or a video call.target · passwords, messages
acoustic cryptanalysisA CPU's coils whine differently depending on the operation. Genkin, Shamir & Tromer turned that whine into a full RSA key during GnuPG decryption — phone nearby, or mic 4 m off.target · the private key itself
printers & machinesBackes reconstructed printed pages from a dot-matrix printer's sound; the CIA once read cleartext from cipher-machine printers; Enigma itself has been probed acoustically.target · printed/typed plaintext
mechanical ciphersThe oldest leak: ENGULF (1956) read a Hagelin machine's daily key settings by counting the clicks of its rotor-setting through a bugged phone.target · daily key schedule

④ the inversion — this is the adversary to Paper I

Every other paper in this set puts information into sound. This one pulls it out. That makes the side channel the exact opposite of a watermark — not insertion but extraction — and it's the threat model your attribution scheme has to survive. If your signing key can be lifted from the whine of the laptop that holds it, then every signature, every anchored hash, every "proof this is mine" collapses at the root. So the defenses run backwards too: not "hide a mark" but break the correlation — acoustic masking and noise, damping and shielding, and cryptographic blinding so the sound a machine makes no longer tracks the bits of the key. The auditor's stance is simply: assume your machine radiates, then ask whether anything it radiates is shaped like a secret.
what's authentic. the lineage — ENGULF (1956, Wright/MI5), Asonov–Agrawal (2004), Backes (2010), Genkin–Shamir–Tromer (2013–14), deep-learning keyboard attacks (2023) — is real and sourced. the demo genuinely classifies each click by spectral analysis (a Goertzel bank) and reconstructs the text from the audio alone — verified, not faked.
honest frame. i gave each key a clean, well-separated acoustic fingerprint so the principle is legible. real keyboards leak messy, overlapping fingerprints, which is exactly why the field needed machine learning and language models to climb from "plausible" to ~90%+. the mechanism shown here is real; the difficulty is heavily understated. that gap is the whole research field.
PAPER III · ACOUSTIC SIDE CHANNELS — read the leaknext ▸ IV · AIR-GAP EXFILTRATION — make a silent machine talk