[ISN] A Picture Is Worth A Thousand Locksmiths

From: InfoSec News <alerts_at_private>
Date: Mon, 3 Nov 2008 02:28:49 -0600 (CST)

Oct. 31, 2008

UC San Diego computer scientists have built a software program that can 
perform key duplication without having the key. Instead, the computer 
scientists only need a photograph of the key.

The bumps and valleys on your house or office keys represent a numeric 
code that completely describes how to open your particular lock. If a 
key doesn’t encode this precise “bitting code,” then it won’t open your 

“We built our key duplication software system to show people that their 
keys are not inherently secret,” said Stefan Savage, the computer 
science professor from UC San Diego’s Jacobs School of Engineering who 
led the student-run project. “Perhaps this was once a reasonable 
assumption, but advances in digital imaging and optics have made it easy 
to duplicate someone’s keys from a distance without them even noticing.”

Professor Savage presents this work on October 30 at ACM’s Conference on 
Communications and Computer Security (CCS) 2008, one of the premier 
academic computer security conferences.

In one demonstration of the new software system, the computer scientists 
took pictures of common residential house keys with a cell phone camera, 
fed the image into their software which then produced the information 
needed to create identical copies. In another example, they used a five 
inch telephoto lens to capture images from the roof of a campus building 
and duplicate keys sitting on a café table more than 200 feet away.


Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
Received on Mon Nov 03 2008 - 00:28:49 PST

This archive was generated by hypermail 2.2.0 : Mon Nov 03 2008 - 00:40:17 PST