Schneier on Security
A blog covering security and security technology.
« Understanding Terrorist Behavior |
| P = NP? »
November 3, 2008
Duplicating Keys from Photographs
EDITED TO ADD (11/3): Here's the paper.
Posted on November 3, 2008 at 1:35 PM
• 44 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I'm less impressed. All the needed components to automate this have been around for some time.
I saw that too , pretty interesting. But i think that if someone want to brake in your house, and they are good at this ,no wooden/iron door will stand in their way.
This is interesting, but "lock bumping" seems far more practical, except for locks designed with some actual security in mind. Those locks often have a large pool of key blanks, and the needed one would be hard to discern from a photograph. I guess if you had a photo of both the key and the lock you'd know enough, however.
Keys protect access to your house. Your house contains books, CDs and other forms of copyrighted material. Therefore, taking a picture of a key in order to make a copy of it is an infringement of the DMCA. Problem solved!
I'm sure there is also a similar easy way to apply the Patriot Act somehow to make the act of taking a picture of a key a terrorist act. Problem doubly-solved!
Once again, comic books are ahead of the game. In one story from many years ago, a locked-up Batman shushes Robin so he can remember what the key looked like to make a duplicate and escape.
the authors admit nothing is new other than economics.
they're just making the common-man argument:
"we argue that the threat has turned a corner—cheap image sensors have made digital cameras pervasive and basic computer vision techniques can automatically extract a key's information without requiring any expertise"
newsflash. digital camera technology and software is now cheap and easy.
next this research team will prove that you can balance a checkbook, file your own taxes, and even create a photo album without requiring any expertise.
I agree. Cool, but an obvious idea and relatively simple to implement (you don't really need anything more than Photoshop's perspective transform tool).
You would need an oblique shot; or separate profile and face on views to get the tumblers AND the blank. Plus you would need an idea where to find the lock that the key fit.
The article makes an interesting point; why are there not locks that have "chips" inside such that your $150,000 house has as much (lock) security as your $20,000 car.
because it will prove difficult to stole the house. some furniture maybe...
Excellent point. Reminds me of Steve Wright:
"One day, when I came home from work, I accidentally put my car key in the door of my apartment building... I turned it... and the whole building started up.... So I drove it around.... A policeman stopped me for going too fast... He said, 'Where do you live?'... I said, 'Right here'... Then I drove my building onto the middle of a highway, and I ran outside, and told all of the cars to get the hell out of my driveway."
I'm with Bruce on this one.
It is impressive for a slightly less than obvious reason.
It has been known that people can copy keys by sight for over one hundred years by prison guards (which is why they are always told to shield thei keys). And I did it myself when in my early teans with a standard mortice lock key commonly used by many organisations (the so called Fire Brigade One or FB1 key used across London for tower block roof entry and usually stored behind a "break glass").
But implicitly we always assumed the copier would have to be quite close and very good both in eyesite but memory as well. And that is the real point,
That is current "lock security" is based around the limitation of humans (just like passwords), and we have to write (cut) the secret down and carry it around with us...
What the students etc have shown rather well is that what is difficult for humans is almost easy for digital systems.
In "our" digital security world we kind of accept that. But you now take this down the corridor to the guy in charge of physical security and see what he says.
What a lot of people in his position will unfortunatly do is assume what digital breakes digital can protect...
And as we know price for price digital locks are less secure than good mechanical locks.
Oh and there is "of course" one obvious defense against the long range attack that "will of course work" security by obscurity...
The argument will be put a lot of keys on your ring with the important ones surounded by unimportant ones. This will help break up the profile refrence but also as a Yale key is keyed in two dimensions will also help break the pattern of groves along the length of the key...
But as we know from experiance those groves are not secret a photo of the lock face will show that, and the chances are that once you profile an outer key you will be able to use that as a refrence to the next and so on.
Special offer! For only $9.99 (plus p&p) we will supply you with the fantastic "Foreskin for Keys" (patent pending) product. Designed to protect your keys from prying eyes, this convenient foam cover slides over the business end of your key and then attaches permanently to the handle part using the provided sticky patch. When you use the protected key, the foam cover slides smoothly back without interfering with normal function, yet simultaneously stops anybody else from visually recording the key pattern and later making duplicates. Plus - your trouser pockets last longer!! Don't wait - call us now....
I guess that would not be a Kosher item.
there are locks with chips inside... in Switzerland at least they're quite common. i won't name any brand, of course ;)
Photographing keys...mostly FUD. Once the photograph is taken, it becomes nearly perfect evidence of a crime or criminal intent.
I have refrained myself of posting photos of my keys for a long time. I had the suspicion someone might have come up with this.
So you're going to arrest/convict people for having pictures of keys now? That's as bad as the DMCA.
So why not a sprung sheath around the key that pushes back into the handle when you press it against the lock-face?
This applies only to box standard keys which ok are the majority in use.
What the paper doesn't deal with are the keys using side bars or variable depth cuts into the surface (think of a rectangle block as key form with drilling in top and bottom).
But the most common attack is brute force (drilling), deception and force (lock bumping) or circumvention (break the glass). For 99%+ of burglaries this technique is just too sophisticated.
As far as security is concerned it will jeopardise the security of high end buildings with weak physical key defense. While not commonly known there are three-dimensional locks available for which keys are normally only available from the companies themselves.
While not safe against this type of attack most key cutting machines can't produce these keys (not configured) or the raw key is very hard to get.
In Germany, there was a man on TV that was able to copy keys by only looking to an original key for a couple of seconds. And he did this only using his hands, a rasp, and a bench vise!
Unfortunately adding electronics to locks may not be a universal solution. What happens if the electricity quits? You then need to make the lock unlock (!) automatically so that in case of fire people can actually get out, and firemen get in.
Another point to consider is that electronics in cars have proven their weaknesses. I found this in the archives: http://www.schneier.com/blog/archives/2007/11/...
Seriously, what is impressive about that. At least in the European countries I lived, noone would use such inherently insecure keys for anything which needs security. It is probably much easier to open these locks with picks in a matter of seconds.
In scientifical context, the same method has beed used to clone a key to open a voting machine last year: http://www.bradblog.com/?p=4066
My keys for both work and home have wells/holes on the sides. And a double grove on both edges. The locks them selfs have anti picking pins as well. Even bumping would be very very hard (if possible at all) with these locks....
But then the keys and locks cost a mint.
This is Joshua Shin, a reporter of AVING.
I am writing to invite you to the WPBA.
The World Professional Blogger-Journalist Association (WPBA) is an international organization uniting professional bloggers worldwide in the cause of the rights and interests of regular members. Our mission is to help bloggers connect, partner, share, inspire, and multiply their contributions.
There will be 50 well-known IT-oriented bloggers from 30 countries like GIZMODO, DIGG, Collestgadget, Newlaunches, etc and almost 100 Korean bloggers.
We will support your flight ticket and accommodation during the event.
The conference will be taking place in Seoul, Korea on 17 November. This invitation includes the opportunity to have Seoul city tour on 18.
For more information, you need to click on the link below.
Let me know if you are able to attend at the event.
Hi Joshua, have you tried reaching him at schneier at-sign schneier period com...he does seem to read his email...
@Knut: the lock manufacturers do try to prevent the sale of blank keys to untrusted parties, but anyone with a small manual or CNC grinder can make them, if given a sample key.
This probably doesn't happen very often, because it has to be one of the hardest ways to get into a building. It is, however one of the least suspicious ways to get it. People who just walk up to a door, and open it with a key on their keyring, aren't quite as likely to be questioned by anybody who happens to see them as they would if they opened the door with a crowbar.
@Alan: I would expect the door lock electronics to be battery powered.
And a lock should allow egress regardless of what state it is in (like Ford automobiles do and Chevys, Hondas & Chryslers dont).
I clearly recall working, many decades ago, in a building that, for some reason, had a locked exit door. Right next to the exit door was a glass cylinder with a key for the door. In an emergency, one would break the glass, take the key, and exit. The key was clearly visible though the glass. However, most of the key had been wrapped in aluminum foil---obscuring the bumps and valleys---and making such an attack impossible. The purpose of the aluminum foil was clearly to prevent one from seeing how the key was cut.
That's not such a wonderful idea - someone who wished to trap the people inside (for whatever nefarious reason) could bust the glass and take the key and either have another escape route planned, or if it's one of those locks that's keyed on both sides, just lock everyone in. That's one thing about exit doors, there's too many reasons to have it easy to get out and very few not to.
As a historical note several people have made the claim of having invented the "unpicable lock" and so far with the mechanical key variety they all appear to have been proved incorect in their claims.
The simple fact is that all mechanical items have "manufacturing tolerance" or "play in the mechanisum". Importantly it increases with use.
This slack is what a person picking the lock uses to "feel the tumblers" or "impression the lock".
Now although having a key that has tumblers or pins in two or more dimensions might stop it being picked with a "pick gun" or "picks" it will not stop the lock being impressioned by someone who has the time and knowledge of the locks construction.
And as I know from designing them electronic locks have all sorts of "design compramises" that means there are ways to get around them. Most of the compramises are to do with either percieved "user conveniance" or quite often post design "cost reduction for manufacture".
You only need look at the recent "red faces" around transportation "fare payment" systems to show that even "crypto" based systems are vulnerable one way or another when a system is mass produced to a price...
As once noted "if it can be made, it can be unmade".
@Davi and asdasd
Also from Steven Wright:
"One day I got home and everything in my apartment had been stolen....
and replaced with an exact replica."
And one more just for the "lulz":
And Google for the win:
During WW1, before the invention of radar, battleships were painted in bright, angular, garish lines. It's supposed to mess with the enemy gunners eyesight, since every shot was visually acquired. It was called razzle dazzle. It might be helpful to have garishly colored keys. It might be enough to mess up the chroma key on a camera, although I'm pretty certain greyscale will break that.
Didn't they just then use color-blind gunners in response?
I'm not going to do anything. Somebody else might.
It's questionable if razzle dazzle even worked in the first place, although the attempt was to confuse by having a bunch of boats painted in this odd manner all floating around. It makes it harder to hit the good target. It's something like trying to find one zebra in a moving herd.
Btw this paper was presented at ACM CCS...
There are at least 2 other CCS'08 papers that are, IMHO, also worth reading : "spamalytics" and "code injection Attacks on Harvard-Architecture Devices"...have fun...
Those of us who attended Defcon this year were treated to a much more exciting feat:
In short, Tobias Bluzmanis, Marc Weber Tobias, and Matt Fiddler figured out how to exploit this technique on Medeco locks.
@jammit:"During WW1, before the invention of radar, battleships were painted in bright, angular, garish lines"
Cheers for the reference. Can't remember where I saw/hear about it, but I think crimials went through a period of painting their handguns yellow with similar intent (getting the police or whatever to hesitate for a fraction of a second).
With reference to the original post; while it is quite a nice curiosity, it would probably be easier and quicker to just put a brick through a window or at a "pinch" (sorry, had to do it), pick the lock.
However this idea may have wider applicability, almost any time I've seen RSA's securid tokens in use they are generally left on the person's desk after first use. That pretty much degrades the security.
This looks pretty interesting! I think we need have some security towards photos too nowadays!
I don't think the arrangement led to any serious hazard.
The key in the glass cylinder was for an alternate exit from the building. The main exit was through an unlocked door to a hallway at the other end of the building. The building was a 1-story building with windows. So, locking the door would not strand people in the building. The building was a 1-story WW-II temp for those of you who can recall this building style. Anyway, I think most of us could have kicked out the door if we tried hard.
Big toys for people with big fantasy. The problem in Darvin's population theory, isn't it?
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.