Now just HEARING you unlock your door is enough for hackers to break into your house
CRIMINALS could break into your house by simply recording the sound your key makes and using that to create a replica.
This is according to a researchers who have been studying “acoustics-based physical key inference”.
They focused their study on pin tumbler locks, a common type of lock, that make familiar click sounds when you push a key into them.
Recording this sound, slowing it down and analysing it is apparently enough to work out what shape a key needs to be to open the lock.
Doing something like this would require a lot of time and equipment so criminals would actually be better off trying to physically pick a lock.
However, the research does highlight an unusual security loophole.
Pin tumbler locks contain pins that need to be pushed at certain angles in order to open[/caption]
When you put a key in a pin tumbler lock, it reaches a “biting point” where it hits a series of pins at varying degrees.
Once this point is reached that’s when the lock can turn and creates clicking sounds.
The research team mapped different types of these lock clicking sounds and made a proof-of-concept simulation software system that could determine the shape of the key being used.
The researchers example of how the recording would take place[/caption]
Timings of the clicks can reveal the possible distances of biting points and an algorithm can be used to create all the possible key designs.
The team have called their system SpiKey.
It usually suggests around three key shapes that could be tried.
Complicated maths is involved but of the 586,584 key combinations for a 6-pin lock, over half would be vulnerable to SpiKey.
Limitations include the fact a hacker would need to stand near the person unlocking the door to record the sound or go to the effort of hacking into their phone microphone.
Keys must also be inserted slowly for the audio recording to be useful and not everyone will have a pin tumbler lock.
The researchers concluded in their paper: “SpiKey inherently provides many advantages over lock-picking attacks, including lowering attacker effort to enable a layperson to launch an attack without raising suspicion.”
Most read in Phones & Gadgets
In other news, Instagram has been accused of hoarding facial recognition scans of 100millions users without their consent.
TikTok hoarded private user data for over a year in a flagrant breach of app store rules set by Google.
And, Android users can now check if they’ve been hacked in seconds if they use Chrome Canary.
What do you think of this lock picking concept? Let us know in the comments…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at email@example.com