Exploiting Key Space Vulnerabilities in the Physical World

Presented at DEF CON 28 (2020) Virtual, Aug. 7, 2020, 4:30 p.m. (30 minutes)

Imagine being able to get together with a few of your co-workers, look at your office keys and derive a building master key. Or you may not have any working key at all: you could impression the lock, or use one of the many ways we'll present in this talk to put together little bits of information from a lock to create a working key. We apply information theory - the concept behind the "entropy" of a password - in an easy-to-understand way to show how every little bit of information about a system can be used to defeat it. The audience will be able to pull any key out of their pocket and understand how it works and how an attacker can create it covertly, and open whatever lock it is for, or even a lock it isn't for, that shares the same system. We'll explain how to produce either a single final key, or a set small enough to economically brute force - and release a software tool to let anyone quickly try out all possibilities in an easy-to-visualize way. Finally, we will discuss possible solutions to these problems and introduce vulnerabilities our research has uncovered in high-security systems like Medeco, Abloy, and Mul-T-Lock - including releasing a set of only 159 possible top-level master key codes for certain large Medeco mastered systems.

Presenters:

  • Bill Graydon - Principal, Research, GGR Security
    Bill Graydon is a principal researcher at GGR Security, where he hacks everything from locks and alarms to critical infrastructure; this has given him some very fine-tuned skills for breaking stuff. He's passionate about advancing the security field through research, teaching numerous courses, giving talks, and running DEF CON's Lock Bypass Village. He's received various degrees in computer engineering, security, and forensics and comes from a broad background of work experience in cyber security, software development, anti-money laundering, and infectious disease detection. https://twitter.com/access_ctrl https://github.com/bgraydon https://www.youtube.com/channel/UCzZK3vjJL9rKNPXNoCPFO5g
