DOI: 10.1145/3376897.3377853
research-article

Listen to Your Key: Towards Acoustics-based Physical Key Inference

Published: 03 March 2020

Abstract

Physical locks are one of the most prevalent mechanisms for securing objects such as doors. While many of these locks are vulnerable to lock-picking, they are still widely used, as lock-picking requires specific training with tailored instruments and easily raises suspicion. In this paper, we propose SpiKey, a novel attack that significantly lowers the bar for an attacker compared with lock-picking by requiring only a smartphone microphone to infer the shape of the victim's key, namely its bittings (or cut depths), which form the secret of a key. When a victim inserts his/her key into the lock, the emitted sound is captured by the attacker's microphone. SpiKey leverages the time difference between audible clicks to ultimately infer the bitting information, i.e., the shape of the physical key. As a proof-of-concept, we provide a simulation, based on real-world recordings, and demonstrate a significant reduction in search space from a pool of more than 330 thousand keys to three candidate keys for the most frequent case.

Published In

HotMobile '20: Proceedings of the 21st International Workshop on Mobile Computing Systems and Applications
March 2020
116 pages
ISBN:9781450371162
DOI:10.1145/3376897
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. acoustic inference
  2. physical key security
  3. side-channel attacks

Qualifiers

  • Research-article

Funding Sources

  • Singapore Ministry of Education Academic Research Fund Tier 1

Conference

HotMobile '20

Acceptance Rates

Overall Acceptance Rate 96 of 345 submissions, 28%

Article Metrics

  • Downloads (Last 12 months): 29
  • Downloads (Last 6 weeks): 4

Reflects downloads up to 09 Nov 2024

Cited By

  • (2024) Your Mic Leaks Too Much: A Double-Edged Sword for Security. Proceedings of the 22nd Annual International Conference on Mobile Systems, Applications and Services, 754-755. DOI: 10.1145/3643832.3661387. Online publication date: 3-Jun-2024
  • (2023) A Resilience Evaluation Framework on Ultrasonic Microphone Jammers. IEEE Transactions on Mobile Computing, 1-16. DOI: 10.1109/TMC.2023.3244581. Online publication date: 2023
  • (2023) Some Security Aspects of Batteries and Power Electronic Converters in a Microgrid. IEEE Access 11, 121712-121723. DOI: 10.1109/ACCESS.2023.3327164. Online publication date: 2023
  • (2020) How to curtail oversensing in the home. Communications of the ACM 63:6, 20-24. DOI: 10.1145/3396261. Online publication date: 22-May-2020
