Schneier on Security
A blog covering security and security technology.

July 2, 2009

Information Leakage from Keypads

Can anyone guess the entry codes for these door locks? There are 10,000 possible four-digit codes, but you only have to try 24 on these keypads. The first is most likely 1986 or 1968. The second is almost certainly 1234.

Posted on July 2, 2009 at 12:09 PM • 79 Comments

Comments

The first may have few possibilities, but I would start with 1968, followed by 1986.
Posted by: Joel F at July 2, 2009 12:39 PM

I'm gonna guess 1986 and 1234. Do I win one of the locks?
Posted by: Rick Auricchio at July 2, 2009 12:41 PM

Talk about leakage! The left-hand picture discloses not only the combination that was in use for the longest time, but also a second shorter-term combination, helpfully highlighted with a ball-point pen!
Posted by: MarkH at July 2, 2009 12:57 PM

That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!
Posted by: mph at July 2, 2009 1:14 PM

I've seen plenty of these used instead of intercoms on apartment buildings. The elderly residents never can figure out how the youngsters manage to get in without knowing the code. The funnier part is that guessing the order is not even really needed in most cases. Pressing all 4 'correct' buttons simultaneously a few times within a short interval tends to confuse the keypad into thinking you've typed the correct code.
Posted by: Ender at July 2, 2009 1:22 PM

If the locks always look for a match in the four last numbers, which is very common, you can type in the 24 combinations so they overlap each other, with a sequence like: 123412314231243121342132413214321 which is only 33 key presses instead of 96.
Posted by: jc at July 2, 2009 1:36 PM

So that's why IT departments insist you change your password every 30 days. Same attack works on keyboards, right?
Posted by: noah at July 2, 2009 1:52 PM

The second keypad reminds me of a segment of a certain brilliant video game short: http://www.youtube.com/watch?v=nnuYi-nzE90 (20 seconds in)
Posted by: The Snooze at July 2, 2009 1:52 PM

These are nice examples, thank you. Those of you with more robust keypads, don't be smug - you know who you are. There are various techniques to recognise frequently used combinations. One technique used to be to paint the keyboard with a solution containing washing powder. The keys that aren't part of the combination glow under UV light. A former employer inherited an office with a mechanical combination lock, but no combination. I examined it and told them the sequence. They asked if I could change that sequence, to which I replied "Yes, but I recommend you replace the lock". I like these combination locks: http://www.kaba-mas.com/a.php?page=x-09_main. Shame about the price.
Posted by: Mark at July 2, 2009 1:57 PM

Our combo locks here have blank caps and LED displays underneath which generate a pseudorandom layout of numbers each time you use it. This makes them hard to shoulder surf, since you have to be right over them to see the numbers, and makes it irrelevant to see which physical key is pressed since the number each key represents is randomized every access. Of course the 7-segment LED layout makes it hard to tell a "1" from a "7" or "9" from "8" etc; so you can't enter your code as rapidly as you would if you knew where the key was going to be, because you actually have to hunt them up each time.
Posted by: bob at July 2, 2009 2:07 PM

The first one's more likely 1968; it's a more probable birthdate for the owner/installer of the lock, given the age of it. :) -- C
Posted by: Cerebus at July 2, 2009 2:08 PM

Years ago I worked in an office that had those 5 button "Simplex" door locks.
They didn't suffer from this obvious wear (the buttons are just matte finished metal with no printing or engraving on them), and they actually did change the combinations occasionally. But it occurred to me that it would be fairly straightforward to get substantial information about the combination by surreptitiously applying a tiny dot of ink to each of the five buttons. Then come back later to see which dots have been worn off. If only three buttons are used, the search space is only 240 possible combinations (including the chords that Simplex locks allow.) A feasible attack, given enough time alone in the office at night.
Posted by: McGregorMortis at July 2, 2009 2:11 PM

Sorry, that was silly of me... 240 is the space of all possible 3-digit combinations. If you know which three digits are involved, the search space is only 24 combinations.
Posted by: McGregorMortis at July 2, 2009 2:13 PM

A related thought: The old Master combination locks would reveal the final digit of the combination if you pulled the shackle and turned the dial. And, there was a pattern to the digits that eliminated all but 100 possible combinations once you knew the last digit. I used to be able to open one in 10 minutes. (The new ones are a little better.)
Posted by: Jeff Kenton at July 2, 2009 2:56 PM

And, of course, if you want to be sure to open it first time, once you've found the digits you can apply your ink (although I've been reliably informed that a tiny bit of butter works fine - not to mention being easy for people to explain away as some filthy git smearing their lunch-covered hands all over the place) to one of them and figure out that number's position in the code.
Posted by: user@example.com at July 2, 2009 3:01 PM

@McGregorMortis,
Posted by: Bahggy at July 2, 2009 3:04 PM

@Bahggy: do those locks leak information as you type the combo? Or do people just pick weak combos that are easy to guess?
Posted by: RH at July 2, 2009 3:13 PM

For newer door locks:
Posted by: UC at July 2, 2009 3:25 PM

I have read documents describing how the Simplex locks are subject to the same kinds of attacks as other combination locks. Mechanical tolerances that let you feel out which buttons are offering more resistance than others. I've tried (briefly) using those methods to crack them, but I guess my gorilla fingers don't have the magic touch.
Posted by: McGregorMortis at July 2, 2009 3:27 PM

Sorry, 1982. Or perhaps 1928 if the flat is owned by very old people.
Posted by: Da Scritch at July 2, 2009 3:34 PM

@ Angel One "Where are those pictures from?" Everywhere... We once came off a park trail a few minutes after closing time and found ourselves locked behind an access control gate. While my family began debating who to call for assistance I drove up to the control box, punched in 1, 2, 3, 4 and we were on our way.
Posted by: mcb at July 2, 2009 3:42 PM

As Bob noted above you can get locks with LED/LCD 7-seg displays in or adjacent to the buttons that change randomly. The big disadvantage of them is that due to "security" the keypad has to be placed at "eye height" and key entry is slow. Which means that you can easily see which keys have been pressed. "So what," you say, "it does not matter as it's random and there is no information to be gained". The chances are there actually is... Now being an engineer of embedded security and safety systems for many many long and weary years ;) I learnt one thing about my co-workers and their bosses: KISS is a mantra that gives rise to insecurity big time. I'm willing to make a small bet that if you examine the code used for the random selection in the average "random" lock, you will find:
1, It's entirely deterministic.
2, It is time based or of a short sequence.
3, The sequence is likely to be easily worked out either forwards or backwards.
4, There are likely to be easy ways to "reset" the sequence to a known state (for when one or more 7-seg displays fail and a service tech needs to open the door for a customer).
So if you see which keys are pressed and either before or after have made a note of the "random selection" then the chances are you will be able to move forwards or backwards in the sequence and work out what the door code is (and chances are in England it will be 1966). I'm guessing within a year or two we will see Bruce blog about such an exploit against a "high tech random keypad lock".
Posted by: Clive Robinson at July 2, 2009 4:38 PM

@UC These kinds of attacks are called "chemical combinatorial" attacks on keyboards:
Posted by: addict at July 2, 2009 5:48 PM

Clive -- what is special about 1966 in the UK? (1066 I could understand!)
Posted by: ColoZ at July 2, 2009 5:52 PM

I noticed this problem on the keypad at a friend's house and pointed it out to him. He said he wasn't worried because most thieves are drug addicts and most drug addicts aren't very smart (otherwise why would they become addicts?) so they wouldn't be able to figure it out. Fortunately he didn't live there long enough to be proven stupid.
Posted by: Erik at July 2, 2009 6:32 PM

@noah No, the same trick should not work on a computer keyboard, unless the only keys you ever press happen to be the same keys that make up your password. For almost all users, the amount of normal typing they do should dwarf the keypresses used to enter their password. On a lock keypad, typically the only keys pressed will be those belonging to the access code (unless someone typos or is just pressing buttons randomly).
Posted by: Jake at July 2, 2009 6:44 PM

@McGregorMortis
Years ago I worked in an office that had those 5 button "Simplex" door locks. ... If only three buttons are used, the search space is only 240 possible combinations (including the chords that Simplex locks allow.)
A feasible attack, given enough time alone in the office at night.

Those locks suffer from a security weakness caused by the mechanics: a button can only be used once in a combination -- you cannot have a repeated button press. This dramatically reduces the total number of possible combinations. It's possible to try every possible valid three-digit combination in under 5 minutes (the voice of experience).
Posted by: phil at July 2, 2009 7:11 PM

My laptop's keyboard has the keys A, S, D, M, and N partially worn off. A, S, and D are probably from all the video gaming, but I can't explain M and N...
Posted by: Heron at July 2, 2009 7:24 PM

@ ColoZ, "what is special about 1966 in the UK?" Ahh, it has to do with something referred to as "the glorious game", for non-Americans Football and for Americans Soccer. Also as I said it is specific to England, not the rest of the UK (Scotland, Wales; NI is technically not part of the UK). 1966 was the last time England officially won the "World Cup". As for 1066, that was when we Anglo-Saxons got invaded by that illegitimate Norman upstart, who later started the hate of all good honest men, the Census, by which taxation could be imposed on those undertaking honest toil. I think most would agree 1066 is a date to associate with infamy, not national achievement.
Posted by: Clive Robinson at July 2, 2009 7:33 PM

@Clive Robinson I think you'll find that the UK government considers NI to be part of the "United Kingdom of Great Britain and Northern Ireland". Not part of Great Britain, but part of the UK.
Posted by: Bruce Clement at July 2, 2009 10:13 PM

I was going to say to dust the keypad for prints, but others beat me to it. At a place I used to work at, I made sure to press every key after typing in my code, just to make sure there was no easy pattern wear.
Posted by: jammit at July 2, 2009 10:49 PM

Not so foolish people, actually. The first combination may be 2430 or some other number that does not include 1689.
Artificially wear down the covers on four incorrect number pads and any would-be thief may spend hours trying to guess the combination. Once at a facility in Angola, I was given a key and directions to the door it would unlock. When I got there, instead of a keyhole, I was presented with a combination pad. I was about to give up and return when the man who had given me the key came around the corner, apologized, and showed me how the keypad flipped open presenting a keyhole behind it. Interesting security.
Posted by: Nimby at July 2, 2009 11:18 PM

Information Leakage: in the second picture you can see a face on the keys.
Posted by: brainfart at July 3, 2009 3:08 AM

Nimby: Yes, "security by obscurity" can create some interesting solutions even though they are no good at deterring a true threat :-)
Posted by: Daniel Wijk at July 3, 2009 3:12 AM

Why is this a security issue? You have failed to consider the economics. Maybe this keypad is in a nursery, on the door to the toilets. Children are prevented from wandering in. But adults can access with ease. We have an insecure keycode for the baby changing room in our building -- is this a security risk?
Posted by: Economics... at July 3, 2009 4:21 AM

1234, 0000, 4567, 0123 all are fine; wondering what's the logic behind 1986 & 1968...
Posted by: Ramki B Ramakrishnan at July 3, 2009 4:30 AM

@brainfart It looks more like a hand.
Posted by: A nonny bunny at July 3, 2009 5:07 AM

Using my RSA SecureId password generator requires entry of a six digit number. Each time after I use it I then press all the unused numbers several times to even up any wear or other markings. Simples.
Posted by: Nicholas Bohm at July 3, 2009 5:48 AM

Cerebus: It's at least as likely to be a graduation date as a birthdate. One of the BIG problems with this kind of lock is that the same combination is used by everyone who has access. If you're going to do that, you may as well hand out physical keys.
The *advantage* to a keypad system, in theory, is that you can give everyone a different password (possibly to be combined with swiping an ID card), and so this provides an audit capability: you can tell who came and went at what time; this protects against the "inside job", which is a significant value. If you aren't going to do that, just use a regular old lock and hand out metal keys. It's cheaper.
Posted by: Jonadab the Unsightly One at July 3, 2009 6:09 AM

@Jonadab the Unsightly One
One of the BIG problems with this kind of lock is that the same combination is used by everyone who has access. If you're going to do that, you may as well hand out physical keys.

Actually you'd probably be better off handing out physical keys. Whilst it might be harder for someone to forget a short number than lose a physical object, it's also a lot easier for this information to be copied. There is also no easy equivalent to taking a key away from someone. You'd need to change the number and ensure that everyone who needs to know is made aware of the change.

@Jonadab the Unsightly One
The *advantage* to a keypad system, in theory, is that you can give everyone a different password (possibly to be combined with swiping an ID card), and so this provides an audit capability: you can tell who came and went at what time; this protects against the "inside job", which is a significant value.

The latter is a "two factor" system. Effectively the ID card is performing the function of a physical key. In this kind of setup a smart insider would need to both memorise someone's number and get hold of their card to leave a false trail.
Posted by: Mark at July 3, 2009 8:43 AM

The first one is actually 9816. You can guess how I know that... :-)
Posted by: Miguel Farah at July 3, 2009 9:22 AM

I encountered this type of lock when I worked as a government auditor.
Our copy of the database of all medical records for 'the jurisdiction we were responsible for' (I won't name the jurisdiction but it encompassed millions of individuals) was protected by a lock I could, and did, bypass in minutes. Other controls were installed after my demonstration.
Posted by: withheld at July 3, 2009 9:36 AM

@ Bruce Clement, 'I think you'll find that the UK government considers NI to be part of the "United Kingdom of Great Britain and Northern Ireland"' Yes, but what is the overriding operator and why... That is, is it,
(United Kingdom of Great Britain) and Northern Ireland
United Kingdom of (Great Britain and Northern Ireland)
You are saying the latter, whilst I'm saying the former, which is the historical order it happened. Also politically NI is in a very peculiar position as it is (supposedly) jointly governed under a power sharing agreement with what is now another sovereign nation which was once part of the greater whole. Likewise people born in NI are the only people who officially have dual nationality and two passports (this minor little problem was the real nail in the ID card plan's coffin).
Posted by: Clive Robinson at July 3, 2009 11:04 AM

Hi Bruce, Great example of a problem with most keypad-based combination locks. Do you own the rights on these photos? If so, would you let me use them on my site (www.lockpickingforensics.com)? They'd go in the Decoding section as a "visual decoding" type attack. Let me know! Thanks,
Posted by: datagram at July 3, 2009 12:01 PM

@datagram: I took the left-hand picture. I can send you the high-res version if you need it.
Posted by: Miguel Farah at July 3, 2009 1:08 PM

Fingerprint dust is also very useful for working out which 4/6 numbers make up the combination.
Posted by: David Webb at July 3, 2009 1:31 PM

That's amazing. I've got the same combination on my luggage.
Posted by: KrazyNomad at July 3, 2009 3:15 PM

@Ramki B Ramakrishnan Actually, 0000, 4567, and 0123 are not indicated by the second picture. The keys for 1, 2, 3, 4, and Enter are the ones that are worn (they're shiny, polished smooth by many finger-presses). In the first picture, the logic behind guessing 1986 and 1968 is that important years (wedding, birthdate or graduation of oneself or a loved one, etc.) are too often used as numeric codes because they are easy to remember.
Posted by: Joel F at July 3, 2009 3:19 PM

@hilbertastronaut
Posted by: Heron at July 3, 2009 6:00 PM

Keyboards can't be subject to the same kind of attack, because surely your password is one of the more unusual things you type on it. I would be surprised if every keyboard didn't more or less reflect the letter frequency of the user's language, right?
Posted by: partdavid at July 3, 2009 6:37 PM

@ partdavid, "I would be surprised if every keyboard didn't more or less reflect the letter frequency of the user's language, right?" Wrong, but your idea is correct. It will reflect the letter frequency of the data entry performed at the keyboard. So if it's word proc (about 80% of keyboard use) then you are likely to be correct. However if they are a sloppy German programmer who does not comment code, for instance, then the keys are more likely to reflect a limited subset of English than German. If however they are a good German programmer who comments their code well then it would be nearer to German... So first you have to "know your target" or have a list of "frequency tables". It has been suggested that the likes of the NSA have many lists of frequency tables, not just of individual letters but bi-grams, tri-grams and connectives for many languages and activities. However I suspect that that is not the primary way they deal with recovering encrypted files these days (but the method would be invaluable for the first steps in automated cataloguing etc of plaintext).
I suspect NSA & Co use automated probable plaintext based on the "style" gumf that modern applications put in files and "rainbow tables" (think a more up-to-date version of the Unix "magic file").
Posted by: Clive Robinson at July 4, 2009 7:31 AM

Cipher locks are subject to this as well. A friend, whose job is to manage the cipher locks on safe rooms (SCIFs etc), pointed out that a light dusting of graphite on the buttons will quickly show use patterns as well.
Posted by: jlc3 at July 4, 2009 10:28 AM

What if it is a 6-digit code, or an 8-digit code? Your smart, clever, happy smiling face will turn into a not-so-happy face, standing "at this side" of the locked door :-)
Posted by: Jose DelaFuente at July 4, 2009 10:22 PM

"Information Leakage: in the second picture you can see a face on the keys." no, the figment is *always* mother mary, gbus, the proctology & gamble man, or the like. (smeary specs)
Posted by: got toast? ;-P at July 5, 2009 9:59 PM

We had a brilliant system where I used to work that anyone could bypass in a matter of seconds. There was no limit to the number of key-presses, and it
Posted by: tommy at July 6, 2009 8:37 AM

"12345?! That's amazing. I got the same combination on my luggage!"
Posted by: Ross at July 6, 2009 10:40 AM

This makes me think of last month when joining a reward club at our local casino. I had to choose my own 4 digit PIN, but when I chose 2580 I was told by the clerk that I "couldn't have a recognised pattern" and when I tried my birth year I was told I "couldn't have two consecutive numbers". My guess is that after all the validation rules the 10000 random possible codes are reduced to 70 really hard to guess ones. Trust a casino to calculate odds on this stuff.
Posted by: mark at July 7, 2009 4:15 AM

@Jonadab the Unsightly One: Actually, it's often not.
The cheapest grade of these electronic locks are under a hundred dollars, so it doesn't take many system users before the cost of cutting keys for the mechanical system outweighs the electronic system and its free key issuance. If you pay $40 for a really nastily cheap mechanical lock and $3 for each key cut (the price varies widely but this is the ballpark for simple pin tumbler keys), then you only need to issue about 20 keys before the electronic lock would have been cheaper. If the lock is for the lobby of an apartment building with 50 apartments and 100 residents, and if they change the key / code each time someone moves out, then you quickly discover that:

(Of course, if you have 100 valid PINs in the system, you really should have more than 4 digits for a PIN!!)
Posted by: Roger at July 7, 2009 7:46 AM

"If however they are a good German programmer who comments their code well then it would be nearer to German..." Who comments their code in German?
Posted by: fri at July 7, 2009 1:57 PM

After a decade-plus as security administrator of this type of lock system, I began to appreciate the merits of:
Posted by: Leroy F. Berven at July 8, 2009 12:51 AM

@ Heron: "My laptop's keyboard has the keys A, S, D, M, and N partially worn off. A, S, and D are probably from all the video gaming, but I can't explain M and N..." For A/S/D, going a little farther out on a limb here (so to speak), but for the majority, the left arm and wrist are weaker, and so the hand may rest more heavily of its own weight on these keys than on the right-hand home keys. Add the fact that it would take some muscular effort to rotate the forearms inward to even the pressure; therefore, "F" receives less natural resting pressure than ASD. Perhaps a stronger right arm reduces the effect of this phenomenon on "K", "L", ";". Theory concocted on the spot on a US laptop keyboard. Check it for yourself. Comments from all testers welcomed.

@ All of our British friends: Nothing for 1215?
Surely a great date in the history of freedom, and this Yank thanks you for one of the seminal incidents leading to the Enlightenment and to the ideas that inspired the US's Founding Fathers. Cheers.
Posted by: Tom at July 15, 2009 11:38 PM

Well, I'm not sure the second is 1234. Our door code is actually 3214.
Posted by: bud at July 16, 2009 4:56 AM

Many of the rolling medication carts that were once used in hospitals (and are still used in many nursing homes) have similar locks. The default combination on them was 1986. Never could decide why similar medication carts from different manufacturers used 1986 as the code, but I worked in dozens of hospitals and the codes had never been changed.
Posted by: JL at July 16, 2009 8:39 AM

I saw exactly the same thing at a farm where my son's band were practising in the studio there. However, I would not stand around trying more than a few attempts due to the number of rottweilers that were also protecting the premises!
Posted by: Bob Oliver at July 28, 2009 6:19 AM

It can be a tiny little bit more secure to have three different digits instead of four.
Posted by: Jonas at September 28, 2009 11:23 AM

After you open a door using a 4-digit combination, before you pass, take a moment to press the remaining 6 digits on the keypad.
Posted by: Kerry at August 12, 2010 10:36 AM

I found a bug with my apartment entry system: the resident pushes 9 to allow the person outside to enter when they call, but though the box disables the outside keypad during a call, it will still open the door if you hold your cell phone up to the microphone and press 9. So you just need to call someone, and during the phone ringing, push '9' on your cellphone to make the tone, and the door will open. The manual for the system was available online, and it mentioned that it is designed for use in military installations and other secure facilities. I thought about testing it on more systems and writing a security paper on it, but I figured there wouldn't be much interest in it, and that it would be hard to get published.
Posted by: Guy at August 12, 2010 11:25 AM
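The numbers in the thread (the post's 24 remaining candidates, jc's 33-keypress overlapping sequence versus 96 presses, and the "what if it's a 6-digit code" and "three different digits" cases raised by Jose DelaFuente and Jonas) can all be checked with a short script. This is an added example, not code from the post or from any commenter; it assumes a lock that either checks a complete entry or, as jc describes, matches on the last four digits typed, and the worn-key sets are constructed from the descriptions of the two photos.

```python
"""Quantify what worn keypad keys leak (added example; not from the post)."""
import math
from itertools import product

TOTAL_FOUR_DIGIT_CODES = 10 ** 4


def candidate_codes(worn_keys, length=4):
    """Codes consistent with the wear pattern: every worn key appears at
    least once and no unworn key appears at all.  Four distinct worn keys
    and a four-digit code give the 4! = 24 orderings the post mentions; the
    same rule also covers fewer worn keys (a repeated digit) and longer codes,
    which the post does not work out."""
    keys = sorted(set(worn_keys))
    return {
        "".join(code)
        for code in product(keys, repeat=length)
        if set(code) == set(keys)
    }


def bits_leaked(total, remaining):
    """Entropy the wear pattern gives away: log2(total / remaining)."""
    return math.log2(total / remaining)


def accepted_codes(keystrokes, length=4):
    """Codes a lock that matches on the last `length` digits typed would
    accept at some point while `keystrokes` is entered (sliding window)."""
    return {keystrokes[i:i + length] for i in range(len(keystrokes) - length + 1)}


# The 33-press sequence posted by jc, reproduced here so it can be checked.
JC_SEQUENCE = "123412314231243121342132413214321"


def coverage_report(worn_keys, keystrokes, length=4):
    """Compare entering each candidate separately with one overlapping
    sequence on a last-`length`-digits lock."""
    candidates = candidate_codes(worn_keys, length)
    covered = accepted_codes(keystrokes, length)
    return {
        "candidates": len(candidates),
        "separate_presses": len(candidates) * length,
        "overlapped_presses": len(keystrokes),
        "complete": candidates <= covered,  # every candidate is covered
    }


if __name__ == "__main__":
    # Worn sets constructed from the two photos as the post describes them.
    for worn in ("1689", "1234", "123"):
        n = len(candidate_codes(worn))
        print(f"worn keys {worn}: {n} candidates, "
              f"{bits_leaked(TOTAL_FOUR_DIGIT_CODES, n):.1f} bits leaked")
    print(f"six-digit code, four worn keys: {len(candidate_codes('1234', 6))} candidates")
    print(coverage_report("1234", JC_SEQUENCE))
```

Two things the output makes concrete: four worn keys cut a four-digit code from 10,000 to 24 candidates (about 8.7 bits lost), and a lock that evaluates the last four digits typed lets all 24 be covered in 33 presses, so a lockout after a handful of failed entries is only useful if the controller counts a failure every time the window slides onto a wrong code. The figure for three worn keys (36) is why Jonas's remark holds only marginally, and the six-digit case (1,560) shows why several commenters suggest pressing the unused keys after each entry rather than relying on code length alone.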