25 August 2020 CSMEDIA Department of Computer Science , Faculty , Research , News Media , Security

A group of security researchers from the department of computer science at the National University of Singapore has created an attack model they call SpiKey to determine the key shape that will open any tumbler lock.

Soundarya Ramesh, Harini Ramprasad and Jun Han are the talented hackers behind SpiKey, which they say "significantly lowers the bar for an attacker," when compared to a more traditional lock-picking attack. The theoretical methodology is deceptively simple, listening for the sound of the key as it moves past tumbler pins in turn when the key is inserted in the lock.

The Singapore hackers use a simple smartphone to record the sound of the key being inserted, and withdrawn, with a smartphone and then observe the time between each tumbler pin click using their custom key reverse-engineering application. This forms the secret of the key, the fine-grained bitting depths which, the researchers report, can differ by as little as 15 milli-inches, or 0.381 millimeters.

"As SpiKey infers the shape of the key, it is inherently robust against anti-picking features in modern locks," the research paper states, "and grants multiple entries without leaving any traces."

Tech Xplore, 24 August 2020

Daily Mail, 24 August 2020

Forbes, 22 August 2020

The Telegraph, 22 August 2020

Science Alert, 21 August 2020

Mashable, 20 August 2020

Interesting Engineering, 20 August 2020

Schneier on Security, 20 August 2020

Gizmodo, 19 August 2020

Slash Gear, 19 August 2020

ACM News, 13 August 2020