[12377] in cryptography@c2.net mail archive
Re: [IP] Master Key Copying Revealed (Matt Blaze of ATT Labs)
daemon@ATHENA.MIT.EDU (Len Sassaman)
Fri Jan 24 15:37:07 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
Date: Fri, 24 Jan 2003 12:32:52 -0800 (PST)
From: Len Sassaman <rabbi@abditum.com>
To: Matt Blaze <mab@research.att.com>
Cc: <cryptography@wasabisystems.com>
In-Reply-To: <200301241953.h0OJrut17140@fbi.crypto.com>
On Fri, 24 Jan 2003, Matt Blaze wrote:
> I have no particular interest in seeing you eat crickets (and before
> I went veggie I've eaten a few myself; taste like whatever they're
> cooked in), but I've done it on Medecos; it's no problem.
Well, unfortunately I specified "live", which probably precludes the
cooking bit. Hmm. Cricket fondue, perhaps.
> The angles will be the same on the master as the change key; only the
> cut depth will differ.
That isn't necessarily the case. High-security Medecos can have multiple
valid pin rotation positions -- the pin's angled surface doesn't need to
be flush with the key. This allows much larger number of possible pin
combinations, and I think it would make your attack infeasible in practice
(particularly since the attacker presumably doesn't know if there are
dummy steps added, or if the key is part of a master-ring system. That's a
lot of work to do only to find out the attack wouldn't have worked in the
first place.)
> If you have a code cutter at the oracle lock it's no different from
> doing the attack regular locks, except that Medeco's MACS restrictions
> mean you have to be careful about whether you use the change depth or
> previously learned master depth at the positions adjacent to the
> position under test.
That would certainly be true.
> If you're using a file at the oracle lock, just use a code machine to
> pre-cut a #1 cut at the right angle at each position; the sharp angle
> actually makes filing a bit easier than on locks with a standard cut.
> I recommend a light garlic sauce.
*grin*
Have you found a source for the factory-controlled Medeco key blanks?
--Len.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
