Spy Tech: Listening May be the Key to Cloning Your Key Says Spikey

Physical locks are one of the most prevalent mechanisms for securing objects such as doors. While many of these locks are vulnerable to lock-picking, they are still widely used as lock-picking requires specific training with tailored instruments, and easily raises suspicion. 

In this paper, we propose SpiKey, a novel attack that significantly lowers the bar for an attacker as opposed to the lock-picking attack, by requiring only the use of a smartphone microphone to infer the shape of victim’s key, namely bittings (or cut depths) which form the secret of a key. 

When a victim inserts his/her key into the lock, the emitted sound is captured by the attacker’s microphone. SpiKey leverages the time difference between audible clicks to ultimately infer the bitting information, i.e., shape of the physical key.

As a proof-of-concept, we provide a simulation, based on real-world recordings, and demonstrate a significant reduction in search space from a pool of more than 330 thousand keys to three candidate keys for the most frequent case. more