What could your luggage tell you about the cryptography?

crypto Oct 14, 2018

Typical luggage case padlock
A typical luggage case padlock with 3 rings and TSA (backdoor) lock on the left.

A combination of 3 digits - this is the level of protection offered by the vast majority of luggage cases on the market. 3 digits secret code, that should keep all your personal belongings safe at the aircraft, lobby and hotel room. Lots to expect for just 3 digits...

Let's say you already selected your secret code and you're just going on your holiday. Each time you want to lock your luggage case you have to decide, how to position the code rings. Basically, to lock the case you have to set the invalid code. Is it better to pick a random code each time (by turning rings blindly) or to use exactly the same invalid combination wherever you want to lock the case? Let me stop here for a moment.

From the mathematical point of view, our lock has 10x10x10 = 1000 different combinations. A chance to guess the code is 1/1000. Taking this into account, each invalid code is just "as good" as the other one. But what if someone is really determined to open your case anyway? What if he wants it so bad, that each time you don't look at your bag he will take a photo of the current code?

Surprisingly, using the same invalid code each time guarantees, that every photo will contain only this combination (the one, that is already known to be invalid). That means that the chance of guessing the code drops to... 1/(1000-1). That doesn't look so bad, huh?

What about setting an invalid random code each time? In fact, this is a completely different story. Assuming that our desperate attacker will take N photos of distinct invalid codes, the chance of guessing correctly drops to 1/(1000-N) - so the more photos he would take, the easier the guessing would be.

Lock over another lock
Does adding another padlock really improve the overall security? What about DES vs 3DES? Is there any other way of breaking the lock here?

All presented formulas will hold only if you distribute the invalid codes space uniformly, so if the chance of setting value X on the ring is exactly the same as for other possible values. It may seem safer to change numbers at every position to avoid someone opening the case by turning only some of the rings. In reality, this tells the attacker that none of the numbers currently set up are correct. If you have a habit like this, we could observe a further guessing-proveness drop to 1/(9x9x9 - N) = 1/(729-N) (cause now each ring may point to only 9 values). It looks like the overall security level is not only about the lock itself, but also dependent on how you use it! For example, if you are turning the rings in the same direction each time it could be even easier to predict what is the secret combination... There are tons of possible small mistakes that you could do even in such a simple case. Exactly the same as for cryptography!

Key size, Initial Vector (IV) value, selected cipher algorithm, crypto implementation & usage scenario - all that matters in terms of security! Please, think about this each time you are implementing it on your own. You have to be really well prepared - otherwise, someone may just brute-force your luggage lock (by checking every possible combination manually) in the time shorter than the one needed to read this post till the end :-)


Mike Kowalski

Software Architect believing in craftsmanship and the power of fresh espresso. Writing in & about Java, distributed systems, and beyond. Tweeting as @mikemybytes. Mikes his own opinions and bytes.