Conventional locks have always been unsafe, since they are relatively easy to open, with a little skill you can get, but now, a Researchers group from the National University of Singapore has made the task even easier. With just your phone and an app to record sounds, you will be able to capture all the information you need to create a functional duplicate of a key.
Discovered a computer attack that can duplicate your key
Cyber-physical systems researcher Soundarya Ramesh and his team discovered this vulnerability at the National University of Singapore. This attack, called “SpiKey”, works on so-called pin tumbler locks, which are opened with a key with a Pattern single notch on edge.
When the key is slid into the lock, the sample will push six spring-loaded metal pins at different heights, and when properly aligned these metal pins will allow the barrel to rotate and unlock the lock. It’s one of the most common types of locks, and they are used for anything from doors to padlocks, which makes this attack particularly concerning.
To open the keyless pin drum lock, the locksmith used a set of special tools (or picks) to manually adjust the height of each pin until he discovered the unique arrangement of the drum. Besides the ins and outs of operating a 3D printer, SpiKey technology is much easier and requires little or no special skills.
In sound is the key to everything
The research team found that when the key notch is inserted into the spring lock, the sound they make when they collide with the spring pin and the time between each metal click can be analyzed and reverse engineered to determine the shape. of the key, or at least close to matching.
Although the six-pin padlock has about 330,000 possible key shapes, the SpiKey attack can narrow the possibilities to just three, which is relatively easy to print and test.
However, there are some challenges to putting this technology into practice. He SpiKey software has some built-in bug fixes, but in most cases, you need to insert the key into the lock at a constant speed in order to analyze and reverse engineer successfully recorded sound. If you are concerned that someone will use this technology to break into your home, from now on, when you insert the key into the lock, just use a shaky motion.
Yes the attacker uses the phone to record the sound, the attacker must also be very close to the lock to get enough audio fidelity for the software to do the job properly, and the distance must be less than 10 cm, which makes it necessary to carry out an attack. However, the researchers suggest that malware installed on the target phone can be used to record the sound when opening the lock. Also, the smart doorbells that are often installed next to the door can be damaged and used to record the necessary sounds.
Assuming the surrounding area is relatively quiet, the absence of traffic or other sounds can damage the recording. This it is not an infallible attackAt least not yet, so now as long as you haven’t returned home, you can stay safe every time you come home to sing.