科学美国人60秒 智能手机可以“听到”门钥匙的形状(在线收听

Someone who knows how can pick a door lock using a paper clip. But how about with a smartphone? Researchers at the National University of Singapore wondered if smartphone audio of a key turning a lock could be analyzed to determine the shape of the key. Spoiler alert: under the right conditions, they could create a few very good candidate keys—including the correct key.

某些人知道如何用回形针撬开门锁。但智能手机呢?新加坡国立大学的研究人员想知道,能否通过分析智能手机钥匙转动锁头的声音来确定钥匙的形状。剧透警告:在适当的条件下,智能手机可以创造一些非常好的候选键——包括正确的键。

Soundarya Ramesh, a grad student who worked on the system, which the researchers called SpiKey, said the work was inspired by previous research where the movement of smartwatches on people’s wrists was actually used to crack combination locks.

研究人员称该系统为“SpiKey”,研究人员研究生桑卓雅·拉美斯(Soundarya Ramesh)表示,这项工作的灵感来自于之前的研究,人们手腕上智能手表的运动实际上是用来打开密码锁的。

“So we were like, ‘Okay, people are doing this for combination locks. Maybe there are some similar insights that we can apply to other kinds of locks.’ And the most prevalent kinds of locks are these physical locks and keys.”

“所以我们就想,‘人们都在用这个来做密码锁。也许我们可以将一些类似的应用用到其他类型的锁上。’而最常见的锁就是这些物理锁和钥匙。”

The first task for the team was to get audio from a key opening a lock and see if they could pull useful information from the audio.

团队的第一个任务是从一把钥匙上获取开锁的声音,看看应用能否从中提取有用的信息。

“Whenever you insert a key into a lock, it produces a series of click sounds.”

“每当你把钥匙插入锁中时,它就会产生咔哒声。”

The pins of the lock moving over the ridges of the key produces the clicks ...

当锁销移动到钥匙的脊上时,就会发出咔嗒声……

“Which is not really audible for the human ear because it is too close to be resolvable. But when you hear it from a high-quality microphone, and when you hear it at a slower speed, you can actually hear these click sounds.”

人耳无法真正听到这种声音,因为距离太近了,无法分辨。但可以从一个高质量的麦克风听到声音,当较慢速度旋转时,可以听到咔嚓咔嚓的声音。

Once they verified that getting this series of clicks out of audio was possible, they moved to using simulations. Because for the type of lock they chose, the “key space,” or the number of possible unique keys, was 586.584. And they wanted to test how this type of analysis would work on every possible key. So instead of using actual audio recordings, they just simulated where the clicks would be.

一旦验证了从音频中获得这一系列声音键是可行的,研究人员便开始模拟。因为他们选择的锁的类型,“密钥空间”,或可能的唯一密钥的数量,是586584.他们想测试这种分析方法如何在每一个可能的键上工作。所以他们没有使用真正的音频记录,而是模拟点击的位置。

“SpiKey was like a best-case analysis for an attacker. So if he manages to get all the click information precisely, then this is how the results will be.”

SpiKey就像的最佳案例分析。所以,如果成功地获得了所有的按键信息,那么结果就会是这样。”

Using the time between each click and some clever geometry, the researchers attempted to figure out the shape of each key. Immediately, about half of the possible keys were deemed “unattackable” because some of the clicks those keys would produce would overlap. That left about 330.000 potential key shapes. More analysis was able to narrow down each sound signature to just a handful of key patterns.

利用每次点击之间的时间和一些巧妙的几何图形,研究人员试图弄清楚每个键的形状。大约一半的可能的键被认为是“不可攻击的”,因为这些键产生的一些点击会重叠。这就留下了大约33万个潜在的关键形状。更多的分析能够将每个声音特征缩小到几个关键模式。

The strategy is a long way from being viable in the real world. For one thing, the method relies on the key being inserted at a constant speed. And the audio element also poses challenges like background noise.

这一策略在现实世界中还很难实现。首先,该方法依赖于以恒定速度插入锁中。声音方面也会有一些难题,比如背景噪音。

“The main point of this work was not to say, ‘Stop using the keys; they are not really good.’ It’s more about just being aware of what keys we are using, what locks we are using. I think being aware of what is on your front door is actually very important.”

“这项工作的重点不是说,‘停止使用钥匙;钥匙们不好。更重要的是要意识到我们用的是什么钥匙,用的是什么锁。我认为知道你的前门安装的是什么实际上是非常重要的。”

  原文地址:http://www.tingroom.com/lesson/sasss/2022/547588.html