A new program could allow hackers to map the size and shape of your front door key by using audio recordings.
This startling new discovery has come via a research paper by a group from the National University of Singapore.
The paper shows that an audio recording of a key being turned in a lock can be used to map the size, shape and even the ridge pattern of the key to be able to create a duplicate of said key.
A program called SpiKey was used to research the paper and this program was said to be accurate enough to filter through 330,000 keys right down to three possible fits.
When a victim inserts his/her key into the lock, the emitted sound is then captured by the attacker’s microphone.
SpiKey can then be used to leverage the time difference between audible clicks to ultimately infer the bitting information, i.e., the shape of the physical key.
Because SpiKey only requires a smartphone microphone, it yields many advantages such as enabling almost anyone to launch the attack, in addition to significantly reducing suspicion.
The inter-ridge distances are then used to create a virtual model of the key and can then be used to 3D print a copy to be used in a real-life scenario of breaking and entering.
This scenario relies on a couple of aspects though namely, the attacker needs to have at least a basic knowledge of the type of lock and key (which could be confirmed by inspecting the exterior) and if the speed of key insertion or withdrawal remains constant from start to finish.
This is quite a disturbing idea but if you are truly concerned it is prudent to have a key ring attached with multiple keys as the jingling keys should create sufficient noise to interfere with the recording. Rendering the recording void and making effective analysis impossible.
In the future, the researchers at the University aim to explore the possibility that click sounds could be collected by malware installed on a victim’s smartphone or smartwatch and whether the same analysis technique could be applied to a recording taken from a distance, which would minimize suspicion.
It is a fact that criminals are getting smarter and using technology to commit their crimes, but we are unconvinced that this technique can be flawlessly pulled off anytime in the foreseeable future as there are still a few variables to consider.