C3Subtitles: 32c3: Replication Prohibited
back

Replication Prohibited

3D printed key attacks

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:44:16
Language
English
Abstract
Physical keys and locks are one of the oldest security mechanisms still employed
today. In this talk, we will discuss how 3D printing keys enable attacks against many modern lock systems. We will describe projects researchers and hobbyists have done involving 3D printed keys, and present our own research on automating several of these attacks in order to demonstrate how easy they are to do. Ultimately, we hope to describe the current state of 3D printed keys, and their impact on the physical security systems we most often take for granted.

Physical keys and locks are one of the oldest security mechanisms still employed
today. Despite their long-standing history, many still suffer from known
attacks including bumping, impressioning, teleduplication, and rights
amplification. To mitigate these attacks, many lock systems rely on restricted
keyways and use blanks that are not sold to the general public, making it harder
for attackers to obtain them. Often the key blank designs themselves are
patented, further discouraging distribution or manufacture by even skilled
machinists.

In this talk, we will investigate how rapid prototyping and 3D printing tools
can be used to attack modern lock systems. Even when manufactured on commodity
machines, 3D printed keys are now good enough to be used in a variety of
attacks. We demonstrate this by showing several example attacks against popular locks, from 3D printing the TSA master key, to our own attacks against restricted key systems. To test the strength of modern 3D printed keys, we present results from our paper of a controlled analysis on a range of printed
materials from plastic to metal, and show that it is possible to cheaply make or purchase 3D printed keys that are practically as strong as real keys. We also present a tool that can automatically
create a CAD model of a key blank, given only a single picture of the front of
the corresponding lock. This tool makes the attacks that 3D printing enables
against locks even easier and cheaper by no longer requiring skilled 3D design knowledge, and provides a warning to start looking
for alternatives to secure physical goods. Lastly, we describe defenses
that modern lock manufacturers can do to ensure their locks are not easily
bypassed by 3D printing technology, including new lock designs, as well as putting more emphasis on existing designs that may resist 3D printing-enabled attacks for years to come.

Website: https://keysforge.com/
Paper: https://keysforge.com/paper.html

Talk ID
7435
Event:
32c3
Day
4
Room
Hall 2
Start
11:30 a.m.
Duration
01:00:00
Track
Hardware & Making
Type of
lecture
Speaker
Eric Wustrow