Reconsidering physical key secrecy: teleduplication via optical decoding
Posted on 31 October 2008.
Researchers from the University of San Diego (Benjamin Laxton, Kai Wang and Stefan Savage) developed Sneakey, a system that correctly decoded keys from an image that was taken from the rooftop of a four floor building. In this case the image was taken from 195 feet. This demonstration shows that a motivated attacker can covertly steal a victim's keys without fear of detection. The Sneakey system provides a compelling example of how digital computing techniques can breach the security of even physical analog systems in the real-world.

The access control provided by a physical lock is based on the assumption that the information content of the corresponding key is private - that duplication should require either possession of the key or a priori knowledge of how it was cut. However, the ever-increasing capabilities and prevalence of digital imaging technologies present a fundamental challenge to this privacy assumption.

Using modest imaging equipment and standard computer vision algorithms, we demonstrate the effectiveness of physical key teleduplication - extracting a key's complete and precise bitting code at a distance via optical decoding and then cutting precise duplicates. In this paper, researchers describe their prototype system, Sneakey, and evaluate its effectiveness, in both laboratory and real-world settings, using the most popular residential key types in the U.S.


VPN protocol flaw allows attackers to discover users' true IP address

The team running the Perfect Privacy VPN service has discovered a serious vulnerability that affects all VPN providers that offer port forwarding, and which can be exploited to reveal the real IP address of users.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Nov 30th