Spikey Attack Can Duplicate Physical Keys By Listening To Click Sounds

Researchers have come up with a new attack that creates 3D-printed physical keys. Dubbed Spikey, the technique involves listening to the clicks of the key to create duplicate keys.

Spikey Attack To Create Duplicate Keys

A team of researchers from the National University of Singapore have devised a new attack strategy targeting physical locks. What they call ‘Spikey’, the attack involves duplicating keys.

While that’s nothing new, Spikey makes use of technology to develop the replica keys. Specifically, it uses the sounds of the key clicks to develop duplicate keys by 3D printing.

As explained by the researchers, Spikey is a novel alternative to lock-picking as it does not require expertise. Rather all it requires is the sound recording of the key clicks when someone inserts it into the lock. These clicks here refer to the exact sound produced when a key passes through the lock ridges.

Recording the sound is also not difficult. An adversary can simply record the sound via a smartphone microphone when the target in proximity opens a lock.

Defining Spikey attack, the researchers stated,

SpiKey, a novel attack that utilizes a smartphone microphone to capture the sound of key insertion/withdrawal to infer the shape of the key, i.e., cut depths (referred to as bittings) that form the “secret” of the key, solely by the captured acoustic signal.

While analyzing the sound signals would facilitate in determining the key design, the technique also involves the analysis of time difference between the clicks. This helps in determining the distance between the key ridges.

Details of the Spikey attack are available in a research paper. Whereas, the researchers have also presented their findings at the HotMobile ’20: 21st International Workshop on Mobile Computing Systems and Applications.

Attack Limitations and Future Outlook

While the attack is pretty trivial to execute, in a real-time scenario, it has some limitations.

For instance, the time difference between the audible clicks may not always be the same in real-time. Hence, any change in this reading may lead to the wrong judgment of ridges.

The attacker should also have the knowledge of the respective lock and key.

Nonetheless, if these things are addressed, then an adversary can execute the attack.

Though, at present, the researchers have demonstrated the attack considering a scenario where the attacker records the audio via smartphone. For the future, they aim at analyzing the attack feasibility by recording sounds via a malware-infected device. That is, the attacker may first infect the victim’s smartphone or smartwatch via malware which then records the sounds.

Similar strategies of recording sound via door sensors. Also, such an attack may target numerous locks at a time if it records sounds of multiple keys. For instance, in an office setup.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients