They did not take a recording of an actual key in an actual lock and determine the shape of the key. Instead they simulated the sound of a key in a lock, and determined the shape of the key from that simulated sound. And the simulation assumed that the speed that the key moves at is fixed as it enters the lock, at 1 inch per second.
So this article is false. It wouldn't have been that hard to read the paper, and say what they actually did. It bothers me that articles like this don't, and instead run with an exaggeration.
EDIT: As far as I can tell from the paper, at least. What on earth is a "simulation, based on real-world recordings"? I don't see anything about an actual recording in section 4.
FYI it was very little effort. You can do it too! I followed two links to the paper, looked for "how did they test this thing" (because I was skeptical about that bit), then skimmed the three paragraphs in section 4 "Feasibility Study". I'm hoping that people that care more than I do will read more.
Sure, a positive interaction and rewarding something important. At the same time we shouldn’t forget to aim to make this behavior commonplace.
They have a section on the filtering they needed on the real world audio to extract the information they needed.
The conclusion even states “We evaluate SpiKey with a proof-of-concept simulation, based on real-world acoustic data, and demonstrate that SpiKey can reduce the search space from a pool of more than 330 thousand keys to just three candidate keys for the most frequent case.”
Why do you claim it’s not real audio?
You could still be right. I've been reading again, and I'm having a hard time telling apart statements about how their tool works in general, vs. statements of a particular test of it.
If they actually tested this thing end-to-end, I would expect to be able to answer (i) how many actual key recordings did they test it on?, and (ii) did it work? Was the actual key found among the 3 (or however many) candidates?
The image attack offers way more opportunities there, as you just need to be able to see the key (as opposed to the hypothetical sound attack, which requires that you capture the sound of the lock being unlocked).
As an aside, if you're keen to learn more about locks and security, I suggest having a look at LockPickingLawyer on YouTube.
They link the actual recording in section 3.1: http://bit.ly/2JciYB6
What they are saying is that to find their target keys, they physically modelled 330,424 candidate keys, generated an acoustic simulation and then ran the acoustic simulation of clicks through the tool described in sections 3.1 to 3.6. They used the insertion speed of 1 inch per second for this physical simulation of candidate keys.
Then they compared the output of the tool on all the candidates to the output from the original real recording to see which ones lined up the best.
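To make the candidate-filtering step in the comment above concrete, here is a toy re-creation of it. This is an added example, not the SpiKey authors' code and not the commenter's: a secret bitting is turned into click times at a fixed insertion speed, every candidate bitting in the pool is simulated the same way, and a candidate survives if its simulated clicks line up with the "recording" within a tolerance. Everything numeric is an assumption chosen for illustration rather than a value from the paper: 5 cuts, depths 0 to 9, 0.156 in between cuts, 0.015 in per depth step, 45-degree ramps, a MACS of 7, a single pin at the keyway mouth that clicks once per ridge, and a constructed "recording" made by adding timing jitter to the true click times.

```python
"""Toy candidate filtering for a click-timing key attack (added example,
not the paper's pipeline).  All constants are assumptions for illustration."""
import itertools
import random

N_CUTS = 5
DEPTHS = range(10)
SPACING = 0.156      # inch between cut centres (assumed)
INCREMENT = 0.015    # inch per depth step (assumed)
TAN_RAMP = 1.0       # 45-degree ramps between cuts (assumed)
MACS = 7             # max adjacent cut difference (assumed)
TOL = 0.002          # seconds; one depth step shifts a ridge 0.0075 in
ASSUMED_SPEED = 1.0  # in/s, the insertion speed the simulation bakes in


def ridge_positions(bitting):
    """Distance from the key tip of each ridge between adjacent cuts.
    With equal ramp slopes the ridge sits at the midpoint between two cuts,
    shifted by half the height difference divided by the slope.  A deeper
    cut is a lower surface, so only depth differences move a ridge."""
    heights = [-d * INCREMENT for d in bitting]
    return [
        (i + 0.5) * SPACING + (heights[i + 1] - heights[i]) / (2 * TAN_RAMP)
        for i in range(len(bitting) - 1)
    ]


def click_times(bitting, speed):
    """Time at which each ridge crosses the pin; the tip enters at t = 0."""
    return [r / speed for r in ridge_positions(bitting)]


def candidate_pool():
    """Every bitting that respects the MACS rule (the 'pool of keys')."""
    return [
        b for b in itertools.product(DEPTHS, repeat=N_CUTS)
        if all(abs(a - c) <= MACS for a, c in zip(b, b[1:]))
    ]


def record_clicks(secret, true_speed, jitter=0.001, seed=0):
    """Constructed stand-in for a real recording: true click times of the
    secret key at the real insertion speed, plus uniform timing jitter."""
    rng = random.Random(seed)
    return [t + rng.uniform(-jitter, jitter)
            for t in click_times(secret, true_speed)]


def matching_candidates(observed, pool, speed=ASSUMED_SPEED, tol=TOL):
    """Candidates whose simulated clicks agree with the observed ones."""
    return [
        b for b in pool
        if all(abs(s - o) <= tol
               for s, o in zip(click_times(b, speed), observed))
    ]


if __name__ == "__main__":
    secret = (3, 5, 1, 4, 6)
    pool = candidate_pool()
    hits = matching_candidates(record_clicks(secret, ASSUMED_SPEED), pool)
    print(len(pool), "candidates ->", len(hits), "consistent:", hits)
    # The same key inserted at 1.2 in/s while the model still assumes 1.0 in/s:
    off_speed = matching_candidates(record_clicks(secret, 1.2), pool)
    print(len(off_speed), "candidates match when the speed assumption is wrong")
```

Two things the toy makes visible. First, click timing only encodes depth differences, so every bitting that is a constant shift of the secret (here the five keys 2-4-0-3-5 through 6-8-4-7-9) produces identical click times and survives the filter; that is the kind of residual ambiguity behind "a handful of candidates". Second, the filter is only as good as the fixed 1 in/s assumption: if the real insertion was faster or slower than the simulated one, nothing in the pool lines up and the attacker is left with zero candidates rather than the right one.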
What I'm confused about is, I would expect them to say that they ran that recording through SpiKey, and it output 3 (or however many) candidates, and the actual key was (or wasn't) one of the three. But instead, that bit.ly link is provided for "better understanding", and the rest of the section it's in is about the tool in general, rather than a specific test of it.
Was it one actual recording they tested, you think? Do they say whether the actual key was among the candidates?
Pretty shady if so...
Ok, maybe you can copy a key from sound but getting a clean recording and then going home and producing a new key and getting it correct is 100000x harder than just sticking 2 metal sticks in the lock and opening it in 15 seconds.
To us these posts might provide some light entertainment, but then they get shared around by people who don't know better and next thing you know people are installing soundproof booths on the front of doors or telling us locks are insecure because they just found out about this trick.
Researchers, regardless of the discipline, often work at the edge of what's possible, not what's practical. Decade after decade, we have consumed news about researchers finding ways to cure cancer, immunize against HIV, break encryption with quantum computing, etc. It will be a couple more decades before any of these endeavours come to fruition. Just remember how long researchers have been working on quantum computers and how much longer they need to work to create something even remotely useful.
Science news hints at what the world might look like half a century or a century in the future, not next year. For that, you need to read corporate announcements.
You mince your words a lot mate.
The simple reality is that if you’re going to get robbed, chances are the robber is going to use a pry bar to ruin the door jamb or break your window. Locks are about keeping honest citizens honest.
I've heard that, and I get it, but I don't think that's actually it. Locks are about making it too inconvenient or risky to be worth stealing or breaking into. I guess some people might all of a sudden steal something if given the chance but would never do so otherwise, but usually, it's people who are already willing to steal if the difficulty and stakes are low enough.
No, locks are about making forcible entry easier than covert entry, so that your insurance company pays out. The primary function of the lock is tamper evidence. The secondary function is deterrence (easier to get into an unlocked place than a locked one). Actually preventing entry isn't the point for any but the strongest locks, and even then they only serve to delay entry.
Besides, a lot of locks are so easy to pick that you might as well do it instead of making a lot of noise forcing it open.
The thing is, those locks are more expensive to produce, both in terms of metallurgy and skilled labor. Germany has done a solid job of ensuring that it retains local experience in both areas, through a combination of tariffs, a robust skilled-trade education system, and consumer preference for domestic goods.
American consumers, on the other hand, tend to be very price-sensitive, and Master locks are cheap.
That's not to say that there aren't some rock-solid American locks, but Germany and Japan tend to be the leaders here (and for the same reason).
If you're keen to learn more about locks and security, I suggest having a look at LockPickingLawyer on YouTube: https://www.youtube.com/channel/UCm9K6rby98W8JigLoZOh6FQ
The most common locks in America are all of the pin-tumbler type, which essentially provides "security theater"-level protection. They are very easy to pick with very little skill or specialized tools required, and most of them can even be bumped in 5 seconds. When people got concerned about the security of pin-tumbler locks, American lock manufacturers generally did not move to more secure lock types (or, if some did, they were probably outcompeted by other companies), they just added various extra "security features" on top of the fundamentally broken mechanism. Some of those "security features" are able to stop a curious 12-year-old who spent 4 hours learning lockpicking on YouTube, none of them will actually do much to deter a professional. On the positive side, pin-tumbler locks are really cheap and easy to use.
My native Finland has mostly standardized on Abloy's (now part of Assa Abloy) disc-detainer style locks.  They are somewhat more expensive than pin-tumbler style locks, but are dramatically more secure. This is because they typically have many orders of magnitude larger key spaces, and are designed in such a way that it is very hard to get feedback by manipulating the lock. They, too, can be picked, but this generally requires hard-to-acquire specialized tools, a very high skill level and a lot more time than weaker locks. They are hard enough to pick that if you lock yourself out, and don't have the coding of the lock stored somewhere, you basically cannot hire a locksmith to pick the lock for you -- you just have to break into your house some other way.
Why have Abloy locks not been a runaway success in America, replacing all the insecure locks? It turns out that the security of a lock really does not matter. Almost all American home locks are comically weak, yet almost no criminals ever pick or bump locks. So the additional security doesn't actually buy you much, if anything. However, Abloy locks have real disadvantages. For one, they require much more fine machining, which makes them more expensive. On top of that, they are somewhat more complex to use, as the locks have no internal springs (which is part of what makes them secure), so the lock has some persistent state or "memory". If the lock has last been normally locked or unlocked, you can just insert the key, turn, and pull it out. However, if I insert the key fully, and then extract it slightly, turn a little, and then fully pull it out, you can only insert the key up to that same point, and you then have to turn it straight before you can insert it further. If I do this individually to every disc with different rotations, it's going to take you a while. This can happen on its own for, say, a padlock on a container that jostles as it's being transported. Everyone in Finland learns how to open a scrambled Abloy lock with the key right about at the time they get their first key, and most of us probably don't actually think of this as a skill, but do you want to try selling these locks to people who were not just taught how this works by their parents?
So why did Finland standardize on such an expensive, idiosyncratic lock type? It was invented by a Finnish company, their manufacture was domestic, and there were periods when Finland was really starved for foreign currency. It's all network effects from there.
But yeah, every now and then there is a news story or a paper on how you can open an American door lock by 3D-printing a key or by sound or by whatever exotic method. These stories are always stupid because you can already open the lock by gently tapping it, so why waste your time with the tech?
A video of an 11-year-old kid at DEF CON learning to bump a lock after a few minutes of teaching: https://www.youtube.com/watch?v=C5fLgxqWvJQ
It's the only major type of lock I haven't been able to pick within a reasonable timeframe.
Normally once you learn how to pick a certain model of lock, another lock of the same model will fall within 10 min, broadly speaking, and most cheap locks in just seconds.
A disc detainer lock's design just prevents you from freely accessing each of the discs except with specialized tools, and there's no feedback from any spring, so there's no "touch" or "feeling" you can learn.
That leaves brute-forcing all "combinations" from the innermost to the outermost disc as the only way to pick it.
In an 8-disc, 4-"angle" lock like the one I have to practice on, that means 4096 combinations. With a very optimistic 1 sec per combination, on average you need 34 minutes per lock.
At that point it's less suspicious to use a drill or an angle grinder to open what you want to open.
This is the same as the difference between a preimage (specific input) attack and a collision (any pair of inputs) attack on a hash algorithm.
A well-designed pin-and-tumbler deadbolt is not easy to pick: https://www.frontrangelocksmith.com/blog/the-best-lock-for-y...
Bumping is a different story.
Once you get the bitting and know what key it is, this is really not hard at all, provided you have the right tools. There's handheld tools for this stuff, so you can do this pretty quickly in a parking lot, in theory.
Yes, these tools are relatively expensive and you probably don't need to worry about your bike getting stolen that way.
Probably also not about someone breaking into your home like this, they'll just smash a window or something.
But if the attack described here gets to the point where you have an app that outputs the bitting code then I believe this is a legitimate attack that should worry (some) companies. This could let you go from access to a building with a 'visitor' badge to getting easy permanent access.
With more research the designers can certainly overcome the problems other commenters have posted here regarding noise, or more challenging lock design. Lock makers could build effective countermeasures. But there are so many locks that never will be upgraded.
Key and lock security is for low security situations where it just has to be more secure than the window.
(That and noise.) Can we say academic project?
They can be really nasty for an experienced lockpicker to navigate, and will make all the same sounds and feel of picking a real pin. Most semi-advanced locks will have one or more of these anti-picking countermeasures in place.
As it is, it would be far faster to actually pick this lock instead of trying to reproduce the key.
I don't see why either of those are relevant.
A key in normal operation won't interact with false pins, and security pins (I assume you're talking about spools/mushrooms) act like normal pins to a key.
At least have an excuse for leaving the house with the radio blaring out now - security.
I'm not sure that's true... it may be true, but it hasn't been looked into. Also, 99% of security pins are in the driver pins, which aren't the actual pins that are making the clicking sound against the ridges. Since there is a set of pins (key pins) between the ridges and the security pins, that could also "dull" the difference security pins make to the sound.
In the same vein, though, great locks can also use different springs for each set of pins, which also may affect the sound.
Which is what, oh, only what the vast majority of the people out there have on their front doors.
That's fair, of course, but the method is still interesting and novel, and may even have security implications if it can be evolved to target locks containing features beyond the basics.
Not without spending time at the lock, performing an activity that is obviously criminal to any witness, and having to repeat that every time you want access to those premises.
And, also: a neophyte lock picker will likely leave evidence, like scratches. If you have a key that works, you can open the lock without any traces of picking activity.
Plus, in the majority of break-ins, does knowing how they got in matter? If someone broke into my house and stole my valuables, does the fact that they picked the lock make all that much of a difference? I mean, I'd almost be relieved they did that as opposed to something more destructive.
(For the record, I have security cameras, please don't pick my locks)
A surprising number of padlocks have no security pins whatsoever, including most Master Locks.
But maybe locks are generally worse in the US than they are here in Sweden. Masterlocks are infamously bad.
If you 2D-print me a piece of paper with a few copies of the key image in actual size, I will cut that shape into a blank in about 15 minutes with a file.
If you have a skilled professional at hand that can file a blank, you might as well assume you have a skilled lockpicker at hand.
Anecdotally, it happened to me once that someone forgot to leave the (only) key to a site laboratory. I had him "transmit" the key via fax, then after rummaging in a closet full of old keys I found one that had enough material, filed it down with the high-tech tools I had available (the file of a Leatherman multi-tool) and opened the lock. I cannot see how the same cannot be easily done with a 2-D print of the profile of a "virtually generated" key instead of the fax.
Like the Average Joe who has a 3D printer, and knows how to use it to produce something that won't break when inserted into a lock and turned.
In retrospect, somebody really should have thought of this three decades ago. Props to the person that did, though.
I wonder if it would work on something like this, which has no springs:
Admittedly, computers can now easily split parallel conversations apart fairly effectively (e.g. the cocktail party problem), but in this case, with the individual noises being very similar in character, it would make it harder to get the timing between genuine signals, which seems like it would make the attack much less likely to recreate an accurate key replica.
Most locks can be picked (by an expert) in under 60 seconds anyway. Without having to make a key.
This reminded me that I once theorized that it would be possible to extract a computer password from the sound of the keystrokes on your keyboard.
Simple phone or PC mic listening could take it all...
I picked my neighbor's front door when he wasn't home, opened his garage, and returned his weed eater to him in about 5 minutes. It was the easiest thing in the world. And yet I'm sure he sleeps soundly at night thinking his locks offer protection.
This truly basic stuff needs to be instilled in children in elementary school: At least 50% (maybe even more like 70%) of all resources (time, money, etc) should be devoted to security whenever you are building something (house, computer program, etc.). It's not enough to try and "wear all the hats" if you are working at a startup. You need to have security experts on payroll from day 1 if you want any hope of creating a secure product, keeping your assets safe from your own employees (re: Twitter), etc.
I could spend hundreds of thousands on building my house with redundant locks, security cameras, steel-reinforced bulletproof doors and windows, OR I can sleep soundly knowing that if my house is robbed I can make an insurance claim and replace all my stuff. If someone wanted to actually steal my stuff or kill me, well, they could just wait outside my house and do it then.
Same with high tech, I could build the most secure system on the planet but a guy with a knife to my throat is gonna get all the security keys.