Acoustics to the Rescue: Physical Key Inference Attack Revisited
Soundarya Ramesh and Rui Xiao, National University of Singapore; Anindya Maiti, University of Oklahoma; Jong Taek Lee, Harini Ramprasad, and Ananda Kumar, National University of Singapore; Murtuza Jadliwala, University of Texas at San Antonio; Jun Han, National University of Singapore
Lock picking and key bumping are the most common attacks on traditional pin tumbler door locks. However, these approaches require physical access to the lock throughout the attack, increasing suspicion and chances of the attacker getting caught. To overcome this challenge, we propose Keynergy, a stealthy offline attack that infers key bittings (or secret) by substantially extending and improving prior work that only utilizes a still image of the key. Keynergy effectively utilizes the inherent audible “clicks” due to a victim's key insertion, together with video footage of the victim holding the key, in order to infer the victim's key's bittings. We evaluate Keynergy via a proof-of-concept implementation and real-world experiments comprising of participants that perform multiple key insertions across a total of 75 keys with the related audio recorded using different microphone types placed at varying distances. We demonstrate that Keynergy achieves an average reduction rate of around 75% with an acoustics-based approach alone. When we combine both acoustics and video together, Keynergy obtains a reduced keyspace below ten keys for 8% of the keys (i.e., six keys out of 75 keys tested).
View the full USENIX Security '21 Program at https://www.usenix.org/conference/usenixsecurity21/technical-sessions