Teaching Cryptography with Lockpicking

I want to look at ways to relate physical models to core security concepts such as cryptography, to raise awareness and understanding of security for those who are less technical. As part of this I’ll be looking at mapping picking to power analysis, a technique for monitoring power consumption in hardware to discover cryptographic secrets.

Mechanical lock picking is an obvious starting point for this form of teaching since the terminology carries across reasonably well (or at least everyone understands keys) to digital lock picking. The first problem is that while it is simple enough to come up with a lockbox analogy for symmetric and asymmetric encryption, the single pin picking of locks doesn’t map across quite so well.

The lockbox analogy for cryptography

The box-and-lock analogy is one I still use. I’ve found it very useful to explain the core concepts of symmetric and asymmetric cryptography to people who have no security experience. It’s also quite easy to put together a quick picture of how it works, which always helps an audience to remember the information later on. Illustrations matter, and giving people a physical model they can relate to is the best way I’ve found to get abstract concepts across.

Simple lockbox model for symmetric and asymmetric encryption

What I really want is a way to map picking to decryption. I illustrate brute force secret guessing using a large ring of keys. Just try each one until the lock opens, now imagine trying to do this with n keys and think how long it would take. Simple analogy. How do I model a more advanced attack on the physical (single pin picking) to something in the digital world? After all, one of the key differences is that cryptographic, mathematical ‘locks’, don’t have any build tolerances. There’s no leakage of information when you hit just one part of the solution.

Except that at some point cryptography ultimately comes down to hardware. While the mathematics might be flawless there will always be some give in hardware. In a perfect analogy to picking a lock by probing individual pins, applying pressure and feeling or listening for give in the mechanism. “Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process.”

Power analysis as single pin picking

Like single pin lock picking, power analysis hinges on the fact that a system is ultimately implemented in some physical medium. During implementation, there are compromises, since mathematics does not translate across perfectly, and these compromises introduce weaknesses into a system. Kocher, Jaffe and Jun’s paper, and their more recently followup detail the methods in-depth. Here we’re concerned only with the concepts and communicating them to a non-technical, interested audience.

In that vein, all we need to know about power analysis is that the analogy of single pin picking maps across intuitively. Fundamentally the attacker is probing a system in a constructive and measured way to find small pieces of information to allow them to duplicate a key. The fantastic thing about this analogy is, unlike other cryptographic attacks, the attacker is discerning individual key segments. With only a small stretch we can liken these to pins in a lock. Even better, as a side-channel attack, the concept of power analysis directly relates to applying pressure and listening for the click of a pin setting. In power analysis, the ‘click’ we hear is a variation in power consumption, but the principle is the same.

Join the discussion