[IP] Master Key Copying Revealed (Matt Blaze of ATT Labs)

Len Sassaman rabbi at abditum.com
Fri Jan 24 15:00:42 EST 2003


On 24 Jan 2003, David Wagner wrote:

> If those locksmiths didn't publish the vulnerability, phooey on them.
> Matt Blaze deserves full credit for being the first to publish.

I'm fairly certain this has been published in locksmithing journals
previously, though I would have to do some digging to prove that.

> What good is it to know about a vulnerability if you never warn the
> users and never fix the weakness?

It is the prevailing opinion in the physical security space that users are
not the best qualified to judge their own threat models. Whether or not
this is correct could be up for debate, but trying to force high-security
locks on someone who doesn't need them is viewed with the same sort of
disdain that you might have for a company trying to sell Tempest-shielding
to a small business owner.

The actual lock is very rarely the point of least resistance for an
attack.

[These and other weaknesses are, in fact, addressed in a number of
high-security locks. Most users won't want to pay for them.]

> In scientific research, we credit the first person to publish new
> knowledge.  Sure, maybe you've invented a cure for cancer ... but if
> you don't tell anyone, you don't get the credit, and you haven't done
> much good for the world.
>
> I think, on balance, Matt Blaze's paper seems likely to be beneficial
> for users of locks.  It helps us more accurately evaluate our own
> security and be smarter about how we select physical security defenses.
> That seems likely to lead to greater security for all of us in the end.
> We should be grateful to Blaze for publishing, not dismissive.

Matt's paper is beneficial to fledgling locksmiths, but I'm uncertain if
it will have any effect on users. Perhaps I'm cynical.

Here's a story you might find interesting. A few years ago, a certain
employee of a Silicon Valley company with which both you and Matt may be
familiar asked me to evaluate the physical defenses of one of their
facilities. The goal was to see how close I could get to the center of the
building. They had a magnetically-sealed front door, a hand geometry
scanner on one inner door, iButton access on another, and fairly secure
physical lock cylinders.

I was able to get inside with nothing more than a coat hanger, credit
card, and a pen knife.

This is the reality of physical security. Designing a burglar-proof
installation is tricky business, and using secure locks is usually the
least of the problem. A user who needs full security should be engaging a
qualified physical security specialist to do the design and installation,
and a security professional who knows how to address all the other
potential attacks will surely be aware of key decoding techniques, and
how to defend against them.

Matt's technique is clever, and I am impressed that he came up with it on
his own. His paper is well-written, and explains a lot about master-keyed
systems in general. People interested in becoming locksmiths or entering
the physical security business will definitely want to read it.

I don't think it is going to significantly increase security in the real
world, however.


--Len.



---------------------------------------------------------------------
The Cryptography Mailing List