In "Rights amplification in master-keyed mechanical locks", Matt Blaze described how to make a master key if you have access to just one working non-master key and its lock.
Locksmiths dismissed it as old news, claiming that they had all known about the attack as a secret in their trade since master keying of pin-tumbler locks was invented (when was that?). Was that really so? Did a large number of people actually manage to collectively keep a secret, one for which there probably wouldn't be much punishment for revealing? (For example, a retired locksmith could tell friends.) If this kind of secret-keeping is really possible (I doubt it), one wonders what other juicy secrets are being kept this way in other fields. It's not the attack that is interesting; it's the secret-keeping.
If the attack really was known and kept secret, one would also expect lawsuits from customers who had been sold a security system with a known but undisclosed vulnerability, seeking to recover the cost of replacing everything with two-cylinder master key locks, which are not vulnerable.
More likely, although a huge number of locksmiths know how master keys work, few, perhaps no one until Matt Blaze (not a locksmith), thought about how to turn that knowledge into an attack. It seems it would have been rare for a locksmith to legitimately need to create a master key within the constraints under which the attack works: you have a working key but are not permitted to disassemble the lock. If you can disassemble the lock, which is what locksmiths do day in and day out, measuring the pins to create a key is (I think) a straightforward operation for them.