padlocks with backdoors - TSA approved

Ian Farquhar (ifarquha) ifarquha at cisco.com
Mon Feb 26 23:37:10 EST 2007 

Some of the locks have special indicators which flag that a TSA key has opened it, which marginally improves the idea, but not
by much.  Whether those flags could represent a defence in the case of a corrupt official in possession of TSA keys I do not
know.

Without such flags, it's an INCREDIBLY unwise idea, as if you keep the bag unlocked, at least you have a defence that handlers
could have added items to the luggage in transit.

Some readers will have heard the case of Schapelle Corby, who is serving a 20 year sentence in Indonesia for trafficing
marijuana.  In the ensuing investigation, a significant amount of evidence was uncovered suggesting that corrupt baggage
handlers were trafficing drugs between Australian airports, using unlocked baggage.  Corby's laywers claimed that she was the
victim of this, and that the destination baggage handler failed to intercept the drugs which were planted in her luggage.

I won't make a comment on the conduct of the agencies, the media and governments involved in the Corby case.  However, I will
say that any government (or other) program which assumes the honesty of employees and contractors is fundamentally flawed, and
any associated risk analysis is either incompetent, or in failing to identify risk to travellers, seriously incomplete.

Ian. 

-----Original Message-----
From: owner-cryptography at metzdowd.com [mailto:owner-cryptography at metzdowd.com] On Behalf Of Hadmut Danisch
Sent: Tuesday, 27 February 2007 7:20 AM
To: cryptography at metzdowd.com
Subject: padlocks with backdoors - TSA approved

Hi,

has this been mentioned here before?


I just had my crypto mightmare experience. 


I was in a (german!) outdoor shop to complete my equipment for my next trip, when I came to the rack with luggage padlocks (used
to lock the zippers). 

While the german brand locks were as usual, all the US brand locks had a sticker 

   "Can be opened and re-locked by US luggage inspectors". 

Each of these (three digit code) locks had a small keyhole for the master key to open. Obviously there are different key types
(different size, shape, brand) as the locks had numbers like "TSA005" 
tell the officer which key to use to open that lock.


Never seen anything in real world which is such a precise analogon of a crypto backdoor for governmental access.

Ironically, they advertise it as a big advantage and important feature, since it allows to arrive with the lock intact and in
place instead of cut off. 


This is the point where I decided to have nightmares from now on.


regards
Hadmut

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list