Side channel attacks: Physical security
[via: Bruce Schneier's Crypto-gram]Flaw in Winkhaus Blue Chip Lock
The Winkhaus Blue Chip Lock is a very popular, and expensive, 128-bit encrypted door lock. When you insert a key, there is a 128-bit challenge/response exchange between the key and the lock, and when the key is authorized it will pull a small pin down through some sort of solenoid switch. This allows you to turn the lock.
Unfortunately, it has a major security flaw. If you put a strong magnet near the lock, you can also pull this pin down, without authorization -- without damage or any evidence.
- MIT Guide to Lock Picking
- Lock Picking 101
- Illegal engineering by Tim Hunkin
- Matt Blaze: Master-Keyed Lock Vulnerability[pdf]
- Matt Blaze: Notes on Picking Pin Tumbler Locks