[IP] Master Key Copying Revealed (Matt Blaze of ATT Labs)
Arnold G. Reinhold
reinhold at world.std.com
Fri Jan 24 13:42:16 EST 2003
At 6:16 PM -0800 1/23/03, Harvey Acker wrote:
>The content, once extracted, was interesting to
>someone who did not know how locks worked, but the
>attack was obvious as soon as one read the description
>of how master keys worked.
I knew how master keys worked. I had one when I was at MIT and I've
picked a few locks myself. I know a little crypto too, but I didn't
think of this attack. Lots of things are obvious once you've read
them.
>
>To dress this up with "P(H-1) key blanks", "rights
>amplification", oracles, and other crypto analogies,
>was silly.
I'm sure there is street argot for most of these terms, but Matt's
paper is a great tutorial on what they mean in a practical, physical
setting. Anyway, it got his picture in the New York Times:
http://www.nytimes.com/2003/01/23/business/23LOCK.html
At 9:38 AM -0800 1/24/03, Len Sassaman wrote:
>...
>This is a rather clever technique for discovering the second key of a
>dual-keyed lock; however, it wasn't previously unknown.
>
>I do give Matt a lot of credit for having come up with it independently,
>though I think it is worth pointing out that any good locksmith would
>already have been aware of this.
>
>It was described to me in 1997, when I first started working with
>locksmithing, as a way of determining a given lock's change key knowing
>only the master key (and having access to the lock, but not the ability or
>desire to disassemble it.) Using this to find a change key when you have a
>master key isn't nearly as interesting from the point of view of an
>attacker, but is the more common use of this technique in the locksmithing
>field.
If all the master cuts are higher than the change cuts, I believe you
can carry out Len's procedure with a single blank. You start with the
master key and file it down one pin position at a time until it
becomes the change key.
The apparently common restrictions on where the master cuts can be
relative to the change cuts would seem to severely limit the number
of possible master keys for any given lock style. It might well be
possible to construct a priori a set of all possible master keys for
a given lock style. This would make such systems vulnerable to
someone who lacks even a change key. A careful lock picker could also
deduce a lot of information on where the master cuts are.
Arnold Reinhold
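As an added illustration of the two points above (the a priori list of candidate master keys for a lock style, and filing a master key down to a change key on a single blank), here is a constructed toy model of a pin-tumbler master-key system. It is not code from this thread or from Blaze's paper; the pin count, the number of cut depths and the convention that a "higher" master cut means a shallower cut are assumptions.

```python
# Constructed toy model of a pin-tumbler master-key system (not from the
# original message or from Blaze's paper). Assumptions: each pin position
# has cut depths numbered 0 (uncut) .. DEPTHS-1 (deepest); a lock has one
# change cut and one master cut per position and opens when every position
# of the key matches one of the two; "master cut higher" is read as a
# shallower cut (smaller number), so a file can only raise the number.
from itertools import product

DEPTHS = 7  # assumed number of cut depths for this lock style


def opens(key, change, master):
    """True if every position of the key matches the change or master cut."""
    return all(k in (c, m) for k, c, m in zip(key, change, master))


def candidate_masters(change):
    """All master bittings allowed when every master cut must be higher
    (shallower) than the change cut at the same position: the a priori
    list for a lock style that the message says could be prepared."""
    return list(product(*[range(0, c) for c in change]))


def keyspace_ratio(change, depths=DEPTHS):
    """Fraction of all depths**N bittings that remain candidate masters,
    i.e. how much the cut-placement rule shrinks the master key space."""
    return len(candidate_masters(change)) / depths ** len(change)


def filing_sequence(master, change):
    """Bittings taken by a single blank as a master key is filed down one
    position at a time until it equals the change key. Each intermediate
    key mixes master and change cuts, so each still opens the lock."""
    cur = list(master)
    keys = [tuple(cur)]
    for i, c in enumerate(change):
        if c < cur[i]:
            raise ValueError("position %d cannot be filed upward" % i)
        cur[i] = c  # file this position down to the change cut
        keys.append(tuple(cur))
    return keys
```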
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com