Please do not Duplicate: Attacking the Knox Box and Other Keyed Alike Systems

DEF CON 26

Presented by: m010ch_
Date: Friday August 10, 2018
Time: 10:30 - 10:50
Location: Track 3

Knox Boxes, along with other rapid entry systems are increasing in popularity, as they allow first responders such as police, fire, and paramedics to quickly gain access to a building in the event of an emergency without having to force entry. These devices rely on the security and key control provided by various locks to prevent unauthorized access to buildings. In this talk, I will focus on vulnerabilities of the widely used Knox Box and Medeco cam lock to key duplication attacks. I will demonstrate how a sufficiently skilled attacker could obtain a key that would grant them access to thousands of residential and commercial buildings throughout America, as well as show off new tools designed to streamline the process of duplicating physical keys using CAD and 3D printing. What could possibly go wrong when someone tries to backdoor an entire city?

m010ch_

m010ch_ is a physical security enthusiast and computer science student who spends most of his free time doing terrible things to locks. He enjoys participating in locksport competitions, and can often be found hunched over his desk, poking at small pieces of metal until he gets frustrated.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats