The US Transportation Security Administration (TSA) requires that they have seven master keys to open travelers’ locks when necessary and the passengers are not present. Security experts have, however, successfully cloned these keys and made them available for 3D printing, showing “how weak encryption mechanisms are broken.”
An article in The Washington post included a shot of all seven keys laid out on a desk. This enabled security researchers to study and successfully reproduce said keys, reports Tech Crunch.
The groups of hackers, identified as DarkSim905, Johnny Xmas and Nite 0wl explained how and why they cracked the TSA keys at the recently concluded HOPE Conference in New York.
Johny Xmas stated, “This was done by legally procuring actual locks, comparing the inner workings and finding the common denominator. It’s a great metaphor for how weak encryption mechanisms are broken — gather enough data, find the pattern, then just ‘math’ out a universal key (or set of keys). What we’re doing here is literally cracking physical encryption, and I fear that metaphor isn’t going to be properly delivered to the public.”
For those who have access to a 3D printer, the schematics for the aforementioned keys can be downloaded at this github link.
However, despite the reproduction of the master keys, TSA finds the incident to be a non-threat to the safety of travelers’ luggage.
But with people other than authorities having access to these keys, what would be the point of locking your luggage in the first place? Alfred Bayle