Feeds

House key copied from photo

Your door ain't so secure, mate

5 things you didn’t know about cloud backup

Security researchers have developed a technique for copying house keys using only a picture of a key.

The approach - developed by computer scientists at UC San Diego - requires no physical access to keys and only a relatively low resolution picture for the software to work. Boffins at the university said they developed the approach in order to nail the false belief that keys are inherently secure.

In one demo, the computers scientists took camera phone pictures of a residential key to pull out the information needed to create identical copies using image-recognition software. A second exercise featured the use of a 5in telephoto lens to take pictures of a key from 200 feet away.

The keys analysed had a series of five or six cuts, spaced regularly. The San Diego team developed software (dubbed Sneakey) that was capable of analysing photos from nearly any angle to measure the depth of each cut, the so-called bitting code. This, alongside knowledge of the brand and type of key, is enough to make a duplicate.

Adjusting for a wide range of different possible angles and distances between the camera and the target key created headaches for the researchers. They got around this problem by matching control points from a reference image onto the equivalent points in the target image.

"We built our key duplication software system to show people that their keys are not inherently secret," said Stefan Savage, a computer science professor from UC San Diego’s Jacobs School of Engineering. "Perhaps this was once a reasonable assumption, but advances in digital imaging and optics have made it easy to duplicate someone’s keys from a distance without them even noticing."

Savage added that some locksmiths have been able to copy keys by sight from high-resolution pics. The development of better image processing software makes it possible to extract the necessary data with far less expertise. The researchers carried out the exercise using Yale keys and its not clear how effective the approach would be using other types of keys.

Professor Savage presented the student-led research at the ACM’s Conference on Communications and Computer Security 2008 in Alexandria, Virginia on Thursday (30 October). ®

Next gen security for virtualised datacentres

More from The Register

next story
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Hear ye, young cyber warriors of the realm: GCHQ wants you
Get involved, get a job and then never discuss work ever again
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.