Master Key Copying Revealed
from the a-lesson-from-digital-to-analog dept
When I was in high school, for some unkown reason (really, I have no idea why I did this) I asked an art teacher of mine if he knew how to pick locks. I was just a curious kid, but I hit the jackpot. The guy knew all about picking locks, and spent a couple hours teaching me the basic idea behind locks and how to pick them, as well as how to make lock picks. It was a useful skill to have (though, of course, never for anything illegal…). I’m long out of practice, and a recent attempt to open up a door (locked due to a forgotten key) ended in failure. However, I’m still very interested in the subject. Now, a security researcher at AT&T has taken some of the concepts that hackers use to break into computer systems and applied them to regular keys and locks. In doing so, he discovered a method by which just about anyone can take an ordinary key and create a master key that will open all the locks in that building. Basically, he’s found a huge security hole… in regular door locks. Of course, unlike computing systems, it’s not so easy to just download a patch for your doorknob. There were a bunch of ethical questions raised about whether or not this information should be released, and in the end they decided they had to. As with computing information, denying the security hole doesn’t do much to prevent its misuse. Of course, since the person needs a working key to get it to work in the first place, the application of this may be a bit limited. However, I think it’s fascinating to see someone take a method used in the virtual world, and then apply it to the real world.
Comments on “Master Key Copying Revealed”
Business Opportunity: Doorknobs/locks that use keys which have a perfectly straight, rectangular shaft (no cuts) but an embedded RFID tag or something which has a 1024-bit key on it. The keys still fit on your keyring (and even have a similar shaped head to accomodate those little colored rings that fit over them) and the doorknob/lock looks the same otherwise. Make a reader/writer so people can buy blank keys and make their own copies (key generation could use a pass-phrase or something). Programming the lock to recognize the key’s code can only be done from inside.
saw this in action years ago
Freshman year in college, on of the guys on my floor had his door lock fail. I forgot exactly what went wrong with it; I think he couldn’t get it to lock.
As a good engineering student, he took the thing apart to see if he could fix it. He realized that his key didn’t exactly match his lock, so he took his lock and key down to the machine shop in the ME department. While there, he realized that he could make a master key as well. He did the successful experiment, and then after a demonstration claimed to have destroyed the key.