No, assuming equally long passcodes, having fewer buttons cannot increase security in any way. Depending on how the passcodes are chosen, and whether or not the buttons are regularly cleaned to remove smudges*, it (might or) might not decrease security significantly, but reducing the number of buttons certainly cannot make the lock more secure.

So you're probably right: it's just done for aesthetics and/or to save costs.

As for why the buttons on your example lock are double-numbered, Dennis Jaheruddin probably nailed that in the comments: "It's basically a 5 button lock that allows people to abuse their birthday or pin code for a password."

With just five digits to choose from, you can't pick an easily memorizable passcode like 31121976 or 31415926. (Whether that's good or bad for security is debatable; arguably, if users couldn't pick codes like that, many of them would either fall back on something even less secure like 12341234, or just write down their passcode on a post-it note. But from a usability perspective, it's definitely a win.)

*) Since the issue of smudge attacks has already been brought up, let me briefly note that they don't affect the general conclusion that fewer buttons cannot be more secure. Specifically, let us assume that the passcode is known to be ℓ digits long, and uses k buttons out of a total of n, and consider the following two extreme cases:

The buttons are kept clean, so that an attacker can't tell which buttons are part of the passcode. In this case, there are n^ℓ possible passcodes, of which the attacker must on average try half before finding the correct one.

The buttons are never cleaned, and accumulate smudges that eventually allow an attacker to tell exactly which k buttons are used in the passcode. In that case, the unused buttons become completely irrelevant, and so the attacker knows that there are only at most k^ℓ possible passcodes (of which they, again, on average need to try half to find the right one) regardless of n. (The actual number is a bit fewer than k^ℓ, since codes that only use fewer than k different buttons can be ruled out, but it still doesn't depend on n at all.)

Reality is typically somewhere between these two extremes: an attacker might be able to observe some wear and smudging on the buttons, and thus get some information on how likely each button is to be part of the passcode, but unless the keypad is really worn and/or filthy, they probably can't be 100% sure. Thus, typically, having fewer buttons does decrease security somewhat, but probably not quite as much as a naïve calculation ignoring smudging would lead one to expect (since it has already been reduced by smudging).

Of course, one further way in which reducing the number of buttons can weaken security, even under the heavy-smudging scenario above, is if two numbers used in the passcode get mapped onto the same button on the smaller keypad (thus reducing both n and k). For randomly chosen passcodes, this starts to become an issue (due to the birthday paradox) when n < ℓ², and will definitely be an issue when n < ℓ. Still, this observation only strengthens the conclusion that, smudged or not, fewer buttons can't ever be more secure (and may be less).

Think about the technical implementation, not about the user or what's painted on the buttons: it's a keypad with 5 buttons. In order to unlock the device, it needs a sequence of those 5 buttons (however many presses of those 5 buttons it allows).
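The two extreme smudging cases and the birthday-paradox remark can be checked numerically. The following is an added example, not part of the original answer; the function names, the sample values (ℓ = 4, n = 10 or 5, k = 3) and the model of uniformly random, independent presses are assumptions made for illustration.

```python
from itertools import product
from math import comb, prod


def keyspace_clean(n: int, l: int) -> int:
    """Clean keypad: each of the n buttons is a candidate at every press."""
    return n ** l


def keyspace_smudged(k: int, l: int) -> int:
    """Fully smudged keypad: codes of length l that use all k marked buttons.

    Inclusion-exclusion over the buttons a code leaves out. The result is
    at most k**l and does not depend on n.
    """
    return sum((-1) ** j * comb(k, j) * (k - j) ** l for j in range(k + 1))


def keyspace_smudged_bruteforce(k: int, l: int) -> int:
    """Cross-check by enumerating all k**l sequences (small k and l only)."""
    return sum(1 for code in product(range(k), repeat=l) if len(set(code)) == k)


def collision_probability(n: int, l: int) -> float:
    """Chance that l uniformly random presses on n buttons repeat a button.

    Assumed model for the birthday-paradox remark: presses are independent
    and uniform over the n buttons.
    """
    if l > n:
        return 1.0  # pigeonhole: a repeat is certain when n < l
    return 1.0 - prod(n - i for i in range(l)) / n ** l


if __name__ == "__main__":
    length, used = 4, 3  # constructed sample values
    for n in (10, 5):
        print(f"n={n}: clean keyspace {keyspace_clean(n, length)}, "
              f"smudged keyspace {keyspace_smudged(used, length)}, "
              f"repeat probability {collision_probability(n, length):.3f}")
```

The smudged count is identical for both keypads, while the clean keyspace drops from 10000 to 625 and the chance of a repeated button rises from about 0.50 to about 0.81.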