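% Zhang and Fischer-Huebner, DIMVA 2011 (short paper): timing side channel on
% PIN entry over VoIP. Per the abstract, user agents emit a packet for each key
% pressed and send it immediately, so an on-path intermediary can recover the
% inter-keystroke delays even when the standard encryption mechanism is applied;
% encryption alone does not hide packet timing.
% Typed as @inproceedings so that classic styles print the booktitle.
% The abstract and identifier fields are database metadata; standard styles
% ignore them.
@inproceedings{IOPORT.05967811,
  author     = {Zhang, Ge and Fischer-H{\"u}bner, Simone},
  title      = {Timing attacks on {PIN} input in {VoIP} networks (short paper)},
  booktitle  = {Detection of intrusions and malware, and vulnerability assessment. 8th international conference: {DIMVA} 2011, {Amsterdam}, {The Netherlands}, July 7--8, 2011. Proceedings},
  pages      = {75--84},
  publisher  = {Springer},
  address    = {Berlin},
  year       = {2011},
  isbn       = {978-3-642-22423-2},
  doi        = {10.1007/978-3-642-22424-9_5},
  abstract   = {Summary: To access automated voice services, Voice over IP (VoIP) users sometimes are required to provide their Personal Identification Numbers (PIN) for authentication. Therefore when they enter PINs, their user-agents generate packets for each key pressed and send them immediately over the networks. This paper shows that a malicious intermediary can recover the inter-keystroke time delay for each PIN input even if the standard encryption mechanism has been applied. The inter-keystroke delay can leak information of what has been typed: Our experiments show that the average search space of a brute force attack on PIN can be reduced by around 80\%.},
  identifier = {05967811},
}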