Secret Key Extraction Using Keyloggers
Moulya N M
Computer Science and Engineering
Sri Siddhartha Institute of Technology
Tumkur, India
Abstract:- The application of keylogger technology for secret key extraction within a message-sending system is presented with a practical example of its implementation in real-world scenarios. Keyloggers, designed to capture keystrokes, are repurposed to intercept cryptographic key input during the process of message encryption and decryption. By deploying keyloggers in a controlled environment, the sensitive cryptographic keys can be extracted from user interactions with the messaging application. The integration of keylogger tools with the messaging system includes technical details of their deployment and the methodologies used to capture and analyze keystrokes associated with cryptographic operations.

Keywords:- Encryption, Decryption, Cryptographic Keys, Secret Key Extraction, Keyloggers.

I. INTRODUCTION

Recent advancements in cybersecurity have led to the exploration of various techniques for securing message transmissions [1], [2]. Among these, keylogging techniques have gained attention due to their ability to extract encryption keys during the transmission of sensitive information [3]. Keyloggers, typically regarded as malicious tools, have been utilized to intercept user input at various levels, such as keystrokes or clipboard content, posing significant security risks [4]. As cyber threats continue to evolve, keyloggers have become increasingly sophisticated, capable of bypassing traditional security measures and remaining undetected within compromised systems [5].

However, while keyloggers are traditionally viewed as threats [6], there is potential for their application in cryptographic key extraction within a controlled environment for securing message-sending systems. This novel perspective on keyloggers can present both risks and opportunities in enhancing encryption techniques [7]. By repurposing keylogger technology in a secure and controlled setting, researchers can explore new methods for testing and reinforcing the robustness of cryptographic protocols. This approach, although unconventional, could lead to the development of more resilient encryption algorithms that are better equipped to withstand advanced cyber threats. Prior studies [8] have focused on mitigating the effects of keyloggers through various defensive measures, such as sandboxing, advanced detection algorithms, and behavioral analysis tools designed to identify and neutralize keylogger activity [9]. Additionally, the integration of machine learning and artificial intelligence into cybersecurity frameworks has shown promise in improving the detection and prevention of keylogger-based attacks. Little research, however, has been conducted on leveraging these techniques in a beneficial manner, particularly within the context of secure communication [10]. By re-examining keyloggers through this innovative lens, there is potential to not only enhance current cryptographic practices but also to discover new strategies for protecting sensitive information in increasingly hostile cyber environments.

In today's digital world, protecting cryptographic keys is crucial for secure communication. However, even strong security measures can be undermined by sophisticated cyber threats. One such threat is keyloggers—malicious software that secretly records what users type. While often used for spying, keyloggers can also be used to steal cryptographic keys, which are essential for encrypting and decrypting messages.

Keylogger technology is used here for extracting secret keys within a message-sending system. By intercepting keystrokes associated with cryptographic operations, keyloggers can compromise the integrity of secure communications. This work is a practical exploration of this threat, detailing how keyloggers can be integrated into a messaging environment to extract cryptographic keys. It aims to shed light on the vulnerabilities posed by keylogger-based attacks and offer insights into fortifying cryptographic systems against such threats.
IJISRT24SEP1080 www.ijisrt.com 1
Volume 9, Issue 9, September – 2024 International Journal of Innovative Science and Research Technology
ISSN No:-2456-2165 https://doi.org/10.38124/ijisrt/IJISRT24SEP1080
II. LITERATURE REVIEW

Cryptographic keys are vital for secure communication, and the Diffie-Hellman key exchange protocol is a cornerstone of this security, enabling two parties to share a secret key over an insecure channel. However, the rise of keyloggers—malicious software that records keystrokes—poses a significant threat to key security by potentially capturing these sensitive inputs during the key exchange process. The Diffie-Hellman protocol allows for secure key sharing using modular arithmetic and prime numbers, with its security relying on the difficulty of the discrete logarithm problem [11]. Research has affirmed its effectiveness against direct attacks [12], but its reliance on secure key inputs makes it vulnerable to interception by keyloggers [13].

Keyloggers capture keystrokes, including cryptographic keys, thus threatening the confidentiality of encryption systems [14]. Studies have shown that keyloggers can compromise security by intercepting keys during encryption and decryption processes [15]. This capability highlights the need for effective defenses against such attacks. Integrating keyloggers with the Diffie-Hellman protocol can expose the secret key if keyloggers capture the key exchange inputs [16]. Research has shown that keyloggers can exploit vulnerabilities in this process, emphasizing the need for enhanced security measures [17]. To combat keylogger threats, strategies such as using secure input methods and advanced detection technologies are recommended [18][19]. Future research should focus on developing cryptographic protocols resistant to keylogger attacks and utilizing AI for improved detection [20]. Keyloggers present a significant threat to the Diffie-Hellman key exchange protocol by potentially capturing secret keys. Addressing this requires a combination of secure input practices, advanced detection, and ongoing research into more resilient cryptographic techniques.

III. METHODOLOGY

The keylogger methodology aims to extract the secret key from a message-sending system that utilizes the Diffie-Hellman Key Exchange algorithm. Keyloggers, traditionally seen as malicious software, are repurposed in this context to capture crucial cryptographic information within a secure and controlled environment. The keylogger is deployed on both systems involved in the communication process. It is programmed to monitor and record input data related to the key exchange. This includes the private keys generated by the two parties, the public keys derived from those private keys, and the subsequent keystrokes associated with the computation of the shared secret key. During the Diffie-Hellman Key Exchange, each party generates a private key and uses it to compute a corresponding public key. These public keys are exchanged between the two parties, who then use them to calculate a shared secret key. The keylogger captures these critical keystrokes and computations, allowing it to reconstruct the secret key. Operating in a controlled environment, the keylogger extracts the secret key without compromising the system's security. The extracted key is verified against the expected output of the Diffie-Hellman process to ensure accuracy. This methodology highlights the novel use of keyloggers for legitimate cryptographic purposes, providing an additional layer of verification and security within the message-sending system. The methodology involves integrating keyloggers into a message-sending system that uses the Diffie-Hellman Key Exchange (DHKE) algorithm to secure its communication. The goal is to extract the secret key that is generated during the key exchange process using a keylogger deployed in a controlled environment. The keylogger serves as a tool to capture critical information from the system, specifically the inputs related to the generation and sharing of the Diffie-Hellman keys.

The Diffie-Hellman Key Exchange (DHKE) protocol is used to facilitate secure communication within our message-sending system. The Diffie-Hellman algorithm, introduced by Whitfield Diffie and Martin Hellman in 1976, enables two parties to establish a shared secret key over a public and potentially insecure communication channel. This shared key is then used for encrypting and decrypting messages, ensuring confidentiality. It allows two parties to securely generate a shared secret key over an insecure communication channel by relying on modular arithmetic and the difficulty of solving the discrete logarithm problem. Initially, both parties agree on two public parameters: a large prime number $p$ and a base $g$, which can be shared openly. Each party then selects a private key—Alice chooses a private key $a$ and Bob chooses a private key $b$—both of which remain confidential. Using their private keys, each party calculates their public key, where Alice computes $A = g^a \bmod p$ and Bob computes $B = g^b \bmod p$. They then exchange their public keys. Upon receiving Bob's public key $B$, Alice computes the shared secret as $S = B^a \bmod p$ and Bob, using Alice's public key $A$, computes the same shared secret $S = A^b \bmod p$. Both parties now share the same secret key $S$, which can be used for secure communication. The security of the algorithm lies in the fact that, while the public keys $A$ and $B$ are exchanged, it is computationally infeasible to determine the private keys $a$ or $b$ from the public keys, ensuring that the shared secret remains secure.

Setup of the Diffie-Hellman Key Exchange
The message-sending system employs the Diffie-Hellman Key Exchange protocol to securely generate and exchange encryption keys between two parties (Party A and Party B) over an insecure communication channel. Both parties agree upon two public parameters:
A large prime number $p$
A base $g$ (a primitive root modulo $p$)

Each party generates a private key:
Party A generates a private key $a$,
Party B generates a private key $b$.

From these private keys, the corresponding public keys are derived:
Party A computes $A = g^a \bmod p$,
Party B computes $B = g^b \bmod p$.
These public keys are then exchanged between the parties.

Keylogger Deployment
A keylogger is deployed on both systems (Party A and Party B) to monitor and record keystrokes and other input data. The keylogger operates in a controlled and secure environment to capture the following critical pieces of information:
The private keys $a$ and $b$ that are generated and used as inputs,
The exchanged public keys $A$ and $B$,
Any subsequent keystrokes or data related to the calculation of the shared secret.

The keylogger captures all user input during the key exchange process, including the private and public keys used in the computation. The keylogger is programmed to filter out irrelevant data and focus only on the key generation and exchange inputs.

Extraction of the Secret Key
Once the public keys are exchanged, each party computes the shared secret key:
Party A calculates $K_a = B^a \bmod p$
Party B calculates $K_b = A^b \bmod p$

Because the shared secret keys are identical, this key is used for encrypting and decrypting messages between the two parties. The keylogger captures the critical keystrokes and operations involved in this calculation.

Using the data logged by the keylogger, the secret key can be extracted. Since the keylogger has already captured the private keys $a$ and $b$, along with the exchanged public keys, it can directly compute the shared secret key using the same calculations as the Diffie-Hellman protocol. This effectively allows the keylogger to extract the secret key without needing to break the encryption or intercept the key exchange through traditional means.
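The exchange and the extraction step described above, worked through as an added example (not code from the paper or its messaging system). The toy parameters, the private keys, the `observed` record and all function names are constructed for illustration; `generate_private_key` sketches one secure-input approach in which the exponent is never typed.

```python
import secrets

# Constructed toy parameters (far too small for real use): p = 23, g = 5.
P, G = 23, 5

def public_key(priv: int, p: int = P, g: int = G) -> int:
    """A = g^a mod p."""
    return pow(g, priv, p)

def shared_secret(peer_pub: int, priv: int, p: int = P) -> int:
    """S = B^a mod p (equivalently A^b mod p)."""
    if not 1 < peer_pub < p - 1:
        raise ValueError("peer public key out of range")
    return pow(peer_pub, priv, p)

def secret_from_observed_inputs(observed: dict) -> int:
    """Anyone holding one typed private key plus the peer's public key can
    repeat the legitimate party's own calculation; no discrete log is solved."""
    return shared_secret(observed["peer_pub"], observed["priv"], observed["p"])

def generate_private_key(p: int = P) -> int:
    """Mitigation sketch (assumption, not the paper's design): draw the
    exponent from the OS CSPRNG inside the process, so it never passes
    through keyboard or clipboard input."""
    return secrets.randbelow(p - 3) + 2   # uniform in [2, p-2]

def demo() -> dict:
    a, b = 6, 15                          # constructed keys, as if typed by each user
    A, B = public_key(a), public_key(b)
    s_a, s_b = shared_secret(B, a), shared_secret(A, b)
    # Constructed input-level record on Party A's machine: a typed, B pasted.
    observed = {"p": P, "priv": a, "peer_pub": B}
    return {"A": A, "B": B, "S_a": s_a, "S_b": s_b,
            "S_observed": secret_from_observed_inputs(observed)}

if __name__ == "__main__":
    print(demo())
```

The protocol's hardness assumption protects the private key only against someone who sees the public values alone; once the private key is entered as user input, the endpoint's input path is the part that needs protecting.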
This diagram represents the data flow in a Private Key Encryption (Symmetric) system, showcasing the process from plaintext data generation to the secure transmission and decryption of that data.

Sender:
The process begins with the sender, who prepares the plaintext data that needs to be transmitted securely to the recipient.

Ciphered Data:
The encrypted output is known as ciphered data. This data is now protected against unauthorized access as it can only be decrypted by someone with the correct secret key.

Transmission:
The ciphered data is then transmitted over the network to the recipient. During transmission, the data remains secure due to the encryption.

Recipient:
Finally, the recipient, who possesses the shared secret key, successfully retrieves and understands the original
plaintext data.

The diagram outlines a secure message exchange process that includes key generation, key exchange, and the subsequent secure communication between parties.

User Login and Registration:
The process begins with the user logging in with their username and password. If the user is new, they have the option to sign up.

Secret Key Extraction:
Upon successful login, users proceed to extract the secret key. This step involves both the sender and receiver (first and second parties) generating and sharing necessary keys.

public keys with the other party to establish a secure communication channel. This key exchange is crucial for ensuring that only the intended parties can decrypt the messages.

Message Exchange:
After the successful key exchange, users can enter and retrieve messages securely. The messages are processed and sent using the established cryptographic keys, ensuring confidentiality and integrity.

Message Success:
A confirmation is provided once the message is successfully processed and sent.

Fig 3: Login
The login page allows users to enter their credentials and securely log into their accounts. The sign-up page enables new
users to create an account by providing necessary information, such as username and password, while implementing validation
checks for data accuracy as shown in fig 3.
Fig 4: Home
The home page offers options for sending messages from one party to another, and the user can also log out from the menu page using the logout option, as shown in Fig 4.
The prime number and the generator are used to generate the key, as shown in Fig 5, along with the public key of the selected party; that public key is copied and then added to the other party.
A message is sent to the party whose public key has been previously entered, and messages can be checked in the retrieve message option, as shown in Fig 6.
Messages sent by one party can be retrieved by another party as shown in fig 7.
Fig 8: Keylogger
The keylogger uses this credential to extract a secret key as shown in fig 8.