Towards Inferring Mechanical Lock Combinations using Wrist-Wearables as a Side-Channel

TL;DR

This paper demonstrates that wrist-wearables' motion sensors can be exploited as a side-channel to infer mechanical lock combinations, revealing a new security vulnerability in physical locks.

Contribution

It introduces an inference framework that uses smartwatch gyroscope data to predict lock combinations, highlighting a novel security risk from wearable sensors.

Findings

Motion data can significantly reduce lock combination search space

Wrist-wearables can effectively leak lock combination information

The attack works in controlled and realistic settings

Abstract

Wrist-wearables such as smartwatches and fitness bands are equipped with a variety of high-precision sensors that support novel contextual and activity-based applications. The presence of a diverse set of on-board sensors, however, also expose an additional attack surface which, if not adequately protected, could be potentially exploited to leak private user information. In this paper, we investigate the feasibility of a new attack that takes advantage of a wrist-wearable's motion sensors to infer input on mechanical devices typically used to secure physical access, for example, combination locks. We outline an inference framework that attempts to infer a lock's unlock combination from the wrist motion captured by a smartwatch's gyroscope sensor, and uses a probabilistic model to produce a ranked list of likely unlock combinations. We conduct a thorough empirical evaluation of the proposed framework by employing unlocking-related motion data collected from human subject participants in a variety of controlled and realistic settings. Evaluation results from these experiments demonstrate that motion data from wrist-wearables can be effectively employed as a side-channel to significantly reduce the unlock combination search-space of commonly found combination locks, thus compromising the physical security provided by these locks.