[IP] Master Key Copying Revealed (Matt Blaze of ATT Labs)
Len Sassaman
rabbi at abditum.com
Fri Jan 24 12:38:45 EST 2003
On Thu, 23 Jan 2003, Matt Blaze wrote:
> A brief summary is available on my web page at
> http://www.crypto.com/masterkey.html
> with links to the full (4MB) paper.
>
> Note that this is a bit slashdotted at the moment...
This is a rather clever technique for discovering the second key of a
dual-keyed lock; however, it wasn't previously unknown.
I do give Matt a lot of credit for having come up with it independently,
though I think it is worth pointing out that any good locksmith would
already have been aware of this.
It was described to me in 1997, when I first started working with
locksmithing, as a way of determining a given lock's change key knowing
only the master key (and having access to the lock, but not the ability or
desire to disassemble it.) Using this to find a change key when you have a
master key isn't nearly as interesting from the point of view of an
attacker, but is the more common use of this technique in the locksmithing
field.
The fact that AT&T couldn't find much public mention of this technique
isn't surprising. Locksmithing is a more secretive discipline than
cryptography. Locksmiths generally don't discuss the plethora of ways to
defeat standard physical security techniques with the general public.
Sometimes I think they understand the issue of threat-models better than
cryptographers do. They certainly understand that the public doesn't
understand.
--Len.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list