Categories
Personal

TSA Master Keys, Threat Models, and Encryption

Earlier this year, someone noticed that the Washington Post had published a story with the following picture:

TSA Master Keys

Once that photo was noticed, a few intrepid hackers began a search for higher resolution photos, which weren’t long in coming. From those photos, they reverse-engineered CAD files of the keys, and the results are STL files for the 7 Master Keys that the TSA has for luggage locks in the US. Here are two different Github repos with the downloadable files.

On Saturday, Oct 17 2015, while testing the setup of a new 3D printer, I decided to see how easy it would be to use one of these keys on a TSA approved lock. There happened to be a luggage lock laying around the Berkman Fellows room that no one knew the combination of, so I had a test subject within easy reach. Within about 15 minutes, I had a key printed. I spent about 2-3 minutes cleaning it (smoothing edges and picking off rough spots in the printing). Maybe 2 minutes after that, I had the lock open.

This is the perfect illustration of why security that has backdoors for law enforcement isn’t actually security. Once there is an intentionally created hole in your security strategy, you should assume that anyone that you are attempting to prevent accessing your luggage/email/passwords will ALSO have access to your intentionally created security hole. This is the same concept that Cory Doctorow uses in his condemnation of DRM (you can’t lock something up with a key and then give the key to the person you are trying to prevent accessing your thing) as well as the argument against giving backdoor access keys for encryption algorithms to governmental agencies. It is simply impossible to have security, whether that term is used for physical objects, communication, storage of information, or anything else, and also to have holes intentionally added to the system for the benefit of “the good guys”. Once the key exists, anyone can make their own copy of it.

printing key

With government around the world arguing for technology companies to build in “golden keys” for encryption used on phones and other digital devices, we need to be wary of anyone that believes that such access would only be used for good, or only by the right groups.

Why is strong and reliable encryption so important?  I think Bruce Schneier said it most plainly:

If we only use encryption when we’re working with important data, then encryption signals that data’s importance. If only dissidents use encryption in a country, that country’s authorities have an easy way of identifying them. But if everyone uses it all of the time, encryption ceases to be a signal. No one can distinguish simple chatting from deeply private conversation. The government can’t tell the dissidents from the rest of the population. Every time you use encryption, you’re protecting someone who needs to use it to stay alive.

This is why the Library Freedom Project and their work to put Tor Nodes in Libraries is so important. It’s why libraries should be moving all of their services to encrypted channels. In many ways, this isn’t just about protecting our patron’s information (although that is a good and sufficient reason to use these services and to be worried about electronic security).

Encryption is like vaccination…we shouldn’t be driven to do it because it helps us. We should be driven to do it because it helps the world.

There is also an argument for libraries to use and support strong encryption for free speech reasons, but that will take another post and a more subtle argument.

By griffey

Jason Griffey is the Director of Strategic Initiatives at NISO, where he works to identify new areas of the information ecosystem where standards expertise is useful and needed. Prior to joining NISO in 2019, Jason ran his own technology consulting company for libraries, has been both an Affiliate at metaLAB and a Fellow and Affiliate at the Berkman Klein Center for Internet & Society at Harvard University, and was an academic librarian in roles ranging from reference and instruction to Head of IT at the University of TN at Chattanooga.

Jason has written extensively on technology and libraries, including multiple books and a series of full-periodical issues on technology topics, most recently AI & Machine Learning in Libraries and Library Spaces and Smart Buildings: Technology, Metrics, and Iterative Design from 2018. His newest book, co-authored with Jeffery Pomerantz, will be published by MIT Press in 2024.

He has spoken internationally on topics such as artificial intelligence & machine learning, the future of technology and libraries, decentralization and the Blockchain, privacy, copyright, and intellectual property. A full list of his publications and presentations can be found on his CV.
He is one of eight winners of the Knight Foundation News Challenge for Libraries for the Measure the Future project (http://measurethefuture.net), an open hardware project designed to provide actionable use metrics for library spaces. He is also the creator and director of The LibraryBox Project (http://librarybox.us), an open source portable digital file distribution system.

Jason can be stalked obsessively online, and spends his free time with his daughter Eliza, reading, obsessing over gadgets, and preparing for the inevitable zombie uprising.

One reply on “TSA Master Keys, Threat Models, and Encryption”

Leave a Reply

Your email address will not be published. Required fields are marked *