Security

Captured images of your physical keys can be used to make copies

It seems like every time we turn around, there is another threat to our privacy and security that needs to be addressed. This time, it's your physical -- not cryptographic -- keys.

They say that imitation is the sincerest form of flattery, but there are definitely times that you do not want someone copying you without your express permission. One such time is the case of your house and car keys. It is always important to avoid letting your keys out of your sight in the hands of people you do not explicitly trust.

Unfortunately, that level of care is not sufficient, and as technology advances there will be growing dangers to the physical keys you carry around with you. Computer scientists at the University of California: San Diego, Jacobs School of Engineering, have presented proof-of-concept for capturing images of keys from a substantial distance and using those images to make working copies of the keys.

Relatively security-conscious people, when posting images on the Internet, have tended to use tools like Photoshop, MS Paint, the GIMP, Cinepaint, ImageMagick, and scads of other tools to blur out names, addresses, street signs, telephone numbers, and other identifying information that might appear in an image. Even an unmodified photo of your keyring can prove your undoing, however.

As reported by the UCSD Jacobs News site in 2008, in Keys Can be Copied From Afar, Jacobs School Computer Scientists Show:

"We built our key duplication software system to show people that their keys are not inherently secret," said Stefan Savage, the computer science professor from UC San Diego's Jacobs School of Engineering who led the student-run project. "Perhaps this was once a reasonable assumption, but advances in digital imaging and optics have made it easy to duplicate someone's keys from a distance without them even noticing."

This may be old news, but it is not nearly widely-enough circulated news. In stumbling across a discussion forum where an entire thread was devoted to photographs of their "every-day carry" — an inventory of their pocket contents on an average day — I discovered numerous photos of keyrings. Among them, I think only one took the time to blur out the bumps and valleys on their keys.

Again, from the UCSD Jacobs article:

Professor Savage notes, however, that the idea that one's keys are sensitive visual information is not widely appreciated in the general public.

"If you go onto a photo-sharing site such as Flickr, you will find many photos of people's keys that can be used to easily make duplicates. While people generally blur out the numbers on their credit cards and driver's licenses before putting those photos on-line, they don't realize that they should take the same precautions with their keys," said Savage.

Read the UCSD Jacobs article for more about the technical process used to copy keys from photos.

About

Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.

Editor's Picks