[IP] Master Key Copying Revealed (Matt Blaze of ATT Labs)

Matt Blaze mab at research.att.com
Fri Jan 24 12:52:18 EST 2003


> On Thu, 23 Jan 2003, Matt Blaze wrote:
> 
> > A brief summary is available on my web page at
> > 	http://www.crypto.com/masterkey.html
> > with links to the full (4MB) paper.
> >
> > Note that this is a bit slashdotted at the moment...
> 
> This is a rather clever technique for discovering the second key of a
> dual-keyed lock; however, it wasn't previously unknown.
> 
> I do give Matt a lot of credit for having come up with it independently,
> though I think it is worth pointing out that any good locksmith would
> already have been aware of this.
> 
> It was described to me in 1997, when I first started working with
> locksmithing, as a way of determining a given lock's change key knowing
> only the master key (and having access to the lock, but not the ability or
> desire to disassemble it.) Using this to find a change key when you have a
> master key isn't nearly as interesting from the point of view of an
> attacker, but is the more common use of this technique in the locksmithing
> field.
> 
> The fact that AT&T couldn't find much public mention of this technique
> isn't surprising. Locksmithing is a more secretive discipline than
> cryptography. Locksmiths generally don't discuss the plethora of ways to
> defeat standard physical security techniques with the general public.
> Sometimes I think they understand the issue of threat-models better than
> cryptographers do. They certainly understand that the public doesn't
> understand.


Actually, I think this is a perfect example of the complete failure of
the "keep vulnerabilities secret" model.  Apparently locksmiths, criminals,
and curious students have been discovering and rediscovering this
and related techniques for the last 100 years, and instead of writing
it down in a coherent body of literature so that less vulnerable
approaches to master keying could be developed to resist this threat,
it has been either kept secret or passed along as folklore.  100 years
should be plenty of time to fix this sort of security vulnerability, and in fact,
there are lock designs (like master rings) that turn out to resist this attack
but that have died a quiet death in the market because users (and locksmiths)
didn't know about this.

See http://www.crypto.com/hobbs.html for an interesting perspective; we
computer security people actually took the notion that publishing
vulnerabilities increases security from the locksmiths, who have since
reverted to trying to keep their secrets.

-matt



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com