Hackers could use audio recordings to create a key to your front door

(Image credit: Shutterstock)

Audio recordings from smartphones could be used by hackers to create a set of keys to your front door, a new research paper has revealed. But don't panic yet, there's still some significant hurdles to be cleared before this becomes reality.

Published by academics from the National University of Singapore, the paper (opens in new tab) demonstrates how an audio recording of a key turning in a lock can be used to map its shape, size and ridge-pattern - information the eavesdropper could use to create a real-world replica.

The program that analyzed the audio recordings, named SpiKey, is said to be accurate enough to filter a database of 330,000 keys down to three candidates.

Audio analysis

The lock-breaking system works by analyzing the time elapsed between clicks made as the key ridges interact with pins in the lock, allowing the program to discern the key’s unique pattern of ridges.

The inter-ridge distances are used to create a virtual model of the key, which can then be 3D printed (opens in new tab) for use in real-life scenarios.

“Physical locks are one of the most prevalent mechanisms for securing objects such as doors. While many of these locks are vulnerable to lock-picking, they are still widely used as lock-picking requires specific training with tailored instruments and easily raises suspicions,” wrote the researchers.

“[SpiKey] significantly lowers the bar for an attacker by requiring only the use of a smartphone microphone to infer the shape of the victim’s key, namely bittings (or cut depths) which form the secret of the key.”

The paper does concede that SpiKey is only effective if the attacker has a base knowledge of the type of lock and key (which could be confirmed by inspecting the exterior) and if the speed of key insertion or withdrawal remains constant from start to finish.

In future, the research team plans to explore the possibility that click sounds could be collected by malware (opens in new tab) installed on a victim’s smartphone or smart watch and whether the same analysis technique could be applied to a recording taken at distance, which would minimize suspicion. 

One simple method of mitigating against attacks of this kind is to attach your front door key to a ring that contains multiple keys, which should create enough noise interference to make effective analysis impossible.

  • Here's our list of the best antivirus (opens in new tab) services out there

Via The Telegraph (opens in new tab)

Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.