Breaking the lock, breaking the lock. (video link)

Last year, the Washington Post published a story on airport luggage handling that contained unobscured images of the “backdoor” keys of the Transportation Safety Administration, along with many other security agencies around the world, used to gain access to luggage secured with Travel Sentry locks. These locks are designed to allow travelers to secure their suitcases and other baggage items against theft with a key or a combination, while still allowing the secured luggage to be opened for inspection—ostensibly by authorized persons only. The publication of the images effectively undermined the security of the Travel Sentry system, since the images were of sufficient quality to create real-world duplicate keys.

Because Travel Sentry locks are physical things, images of the keys showing the configuration of teeth and notches and shafts are more than enough to enable key makers to construct duplicates. The security of the system hinges on consumers being able to trust that only a properly authorized person can open their luggage, and that trust (even if it has always been hilariously misplaced) is gone. As Bruce Schneier commented a few days ago: “The whole thing neatly illustrates one of the main problems with backdoors, whether in cryptographic systems or physical systems: they’re fragile.”

Read 5 remaining paragraphs | Comments


Video: 3D printed TSA Travel Sentry keys really do open TSA locks