Acoustics to the rescue: Physical key inference attack revisited

Soundarya Ramesh, Rui Xiao, Anindya Maiti, Jong Taek Lee, Harini Ramprasad, Ananda Kumar, Murtuza Jadliwala, Jun Han

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

7 Scopus citations

Abstract

Lock picking and key bumping are the most common attacks on traditional pin tumbler door locks. However, these approaches require physical access to the lock throughout the attack, increasing suspicion and chances of the attacker getting caught. To overcome this challenge, we propose Keynergy, a stealthy offline attack that infers key bittings (or secret) by substantially extending and improving prior work that only utilizes a still image of the key. Keynergy effectively utilizes the inherent audible “clicks” due to a victim's key insertion, together with video footage of the victim holding the key, in order to infer the victim's key's bittings. We evaluate Keynergy via a proof-of-concept implementation and real-world experiments comprising of participants that perform multiple key insertions across a total of 75 keys with the related audio recorded using different microphone types placed at varying distances. We demonstrate that Keynergy achieves an average reduction rate of around 75% with an acoustics-based approach alone. When we combine both acoustics and video together, Keynergy obtains a reduced keyspace below ten keys for 8% of the keys (i.e., six keys out of 75 keys tested).

Original languageEnglish
Title of host publicationProceedings of the 30th USENIX Security Symposium
PublisherUSENIX Association
Pages3255-3272
Number of pages18
ISBN (Electronic)9781939133243
StatePublished - 2021
Event30th USENIX Security Symposium, USENIX Security 2021 - Virtual, Online
Duration: 11 Aug 202113 Aug 2021

Publication series

NameProceedings of the 30th USENIX Security Symposium

Conference

Conference30th USENIX Security Symposium, USENIX Security 2021
CityVirtual, Online
Period11/08/2113/08/21

Fingerprint

Dive into the research topics of 'Acoustics to the rescue: Physical key inference attack revisited'. Together they form a unique fingerprint.

Cite this