Author Archives: Błażowska Natasza

SpiKey: Eavesdropping on keys

Reading Time: 2 minutes

All of us knows this clicking sound keys make when insert in door locks.  It appears that each key make different sound while locking or opening door, now scientists managed to find a way to duplicate a key using a recording of the sound.

A lock is reliable only insofar as it cannot be defeated by an intruder. Computer technology makes things easier, alas, including for those who hate doors they cannot open (and no, we are not talking about cats). Thanks to 3D printers, copying keys has become much easier. Of course, to print them, you need at least one decent image of the original.

Researchers in Singapore recently published a paper demonstrating SpiKey, a door lock attack that doesn’t require a picture. You simply use your smartphone to record the clicks of the key being inserted into the keyhole.

How the clicks reveal the key

The attack works on pin tumbler locks, the most common type in use today. The mechanism is based on a cylinder that must be turned to lock or open the door. This cylinder houses several pins, which consist of two parts of different lengths and are held in place by springs.

When there is no key in the keyhole, the pins fill the cylinder entirely, and their outer part prevents the cylinder from turning. A suitably shaped key moves the pins so that the boundary between the two parts coincides with the edge of the cylinder; as a result, nothing prevents it from turning. The main secret of a key is the depth of its grooves (pits), which determine the pins’ fit.

When you insert a key into the lock, the pins move based on the shape of the key: They rise when a ridge (the protrusion located between the grooves) passes under them, and then fall again. When the pins fall, they click.

By measuring the time between clicks, scientists were able to determine the distance between the ridges on the key. This method, of course, does not reveal the main variable: how deep the grooves on the key are. But it does provide some idea of the shape of the key. By exploiting this approach, researchers were able to find key variants that corresponded to the original key.