Rights Amplification in Master-Keyed Mechanical Locks (2003) [pdf]

[colmmacc]

Matt recently wrote a tweet thread about this paper and his history with a University Locksmith ... https://twitter.com/mattblaze/status/1553244850304290817

[glorioushubris]

I remember reading this when it was published, as I was living in a college dorm at the time and strongly considered using this method to produce a master key. I didn't, because I couldn't think of anything I'd want to do with the master key once I had it. But I enjoyed knowing that I could make one if I'd wanted to.

[aidenn0]

I had plenty of legitimate uses for a master key, but I didn't make one because once 2 or 3 people know you have a master key you get blamed for every single misplaced object in the whole damn dorm.

[spoonjim]

You don't know that you could make one until you do make one.

[jacquesm]

That isn't necessarily true. There are a ton of things that I know how to make and that I'm sure that I can make but which I haven't made yet.

[foodstances]

Every time I see an F1 race and see all of the crypto.com ads, I can't help but picture Matt Blaze spending millions of dollars to advertise his blog.

[yccs27]

The difficulty of this attack is definitely in producing so many test keys. I imagine that it might not be much easier than disassembling the lock.

[aidenn0]

You need one test key per pin, so on the order of 7 keys; that's not so terrible.

[vgel]

Don't you need (up to) `N cut depths - 1` keys per pin? E.g. if there are 4 possible cut depths for a pin, and your key has depth 3 on pin 1, you need to (potentially) test depths 1, 2, and 4 -- and if none of them work, your key shares a depth with the master key.

[vgel]

Oh, you could re-use the same test key if you start at the higher depth, of course.

[Gordonjcp]

Is this available in a readable form?