SpiKey: How Lock Sounds Can Be Used to Duplicate Keys

By Sydney ColeHardware Hacking

SpiKey Technology: Duplicating Keys by Recording Lock Sounds

Researchers from the National University of Singapore have published a report on an intriguing lock-picking technique called SpiKey. They claim that by eavesdropping and recording the sound of a lock being opened, it’s possible to create a duplicate key for that lock.

According to the researchers, while a physical lock can be picked using traditional methods, those require specific knowledge, skills, and tools. Traditional lock-picking also leaves traces on the inside of the lock, which can later be detected by forensic experts.

The attack proposed by the researchers involves using a regular smartphone microphone to capture the sound of a key being inserted and turned in a lock. This sound can reveal information about the shape and cuts of the key, which can then be used to create a copy.

How SpiKey Works

Special software analyzes the timing between the clicks that occur when the key’s cuts interact with the lock’s pins. Based on this data, the software reconstructs the key. The resulting information can be used to create a physical copy of the key, for example, with a 3D printer.

The program doesn’t produce a single ready-to-use key, but rather several candidate keys. However, this “acoustic” analysis of a standard six-pin key can eliminate over 94% of possible keys, narrowing it down to about 10 candidates (and often as few as 3).

Limitations of the SpiKey Method

  • Some types of keys produce so-called “overlapping clicks” when inserted, which are very difficult to analyze. As a result, only about 56% of keys are vulnerable to SpiKey.
  • For best results, the software requires the key to be turned at a constant speed, which rarely happens in real life. However, this can be overcome by recording the lock being opened or closed multiple times.

An attacker could install malware on the victim’s smartphone or smartwatch to record the necessary sounds, or collect data from door sensors equipped with microphones.

The researchers note that the clicks should be recorded from about 4 inches (10 centimeters) away from the lock. For greater distances, a parabolic microphone would be needed.

Physical vs. Digital Locks

“There’s no reason to believe that digital locks provide better security, especially given the number of cyberattacks we see today. While attacks on physical locks require the attacker to be present, digital attacks can be remote, which is quite alarming. Perhaps we should take inspiration from two-factor authentication, and combining physical and digital door locks may be the safest path forward,” the experts conclude.

Leave a Reply