Dreamlab Technologies claims that it has cracked the encryption used by Microsoft’s wireless keyboards and its base station. As a result, Dreamlab can now sniff all keystrokes sent from Microsoft’s keyboards on the 27 MHz band.

Dreamlab Technologies was able to tap and decode the radio frequencies by using just a simple radio receiver, a sound card, and some suitable software. Keyboards that use Bluetooth for communication are not affected by this flaw.

According to Heise Security:

“Max Moser and Philipp Schrodel say that decryption was very easy because the devices use a simple XOR mechanism for encryption and the keys are only one byte long. They claim that even a PDA with a slow ARM-CPU would have derived the combination quickly. Aside from not using such keyboards, there is no workaround. Microsoft has yet to react to the Swiss firm’s announcement.”

The eavesdropping was done at a distance of 10m using standard equipment, which isn’t so bad. The concern is that with appropriate technical equipment, larger distances are possible.

You can read the press release (pdf) or the whitepaper (pdf) for more information about the exploit.