Combo Breaker – 3D printed, battery powered lock cracking device (samy.pl)
90 points by iamthepieman on May 15, 2015 | 38 comments



See http://stantonconcepts.us/rks.html for the reverse of this; a combination lock designed to only be opened by a machine (you can do it by hand, but with 5 discs it takes a long time)


Fascinating concept. I suppose it should be pretty safe to build the machine into the lock too (have the controller be a pretty straightforward pin/pw->dial combo). Would still be vulnerable to keylogging -- but the general principle of "just a decent/high-precision combination lock", paired with "too many combinations for brute force to be feasible" is interesting.


Incredibly cool, is the algo for this available? It seems like a handy thing to have in a mobile app...

Edit: It's not laid out as an algorithm proper, but the process is detailed on a page[1] linked from his site. And, surprise surprise, the algo itself is implemented in JS on the same page, so you can just view source to snag it ;)

[1] http://null-byte.wonderhowto.com/how-to/behind-hack-discover...


Also a video of Samy demonstrating why the attack works here: https://youtu.be/qkolWO6pAL8

It's interesting that the first digit of the combination can be found due to a design shortcut taken by Master. The inner and outer discs are manufactured identically which means that there is a redundant protrusion on the outer disc which causes detectable friction when it hits the shackle collar. If Master manufactured the outer disc separately, without that protrusion, the first digit would be much harder to discover.


Samy is the man. Such a cool, low cost technique that can be used and built on for cracking many other combo locks as well. Nice work.


Samy is a model for us all.


but most of all, samy is my hero


So when will someone print a key-lock picker? More useful, methinks.


I don't think utility is quite the point...

"Combo Breaker is a motorized, battery powered, 3D printed, Arduino-based combination lock cracking device. It is portable, open source, 3D models provided, and exploits a new technique I've discovered for cracking combination locks in 8 attempts or less, but in an even more exciting, automated fashion."

This is getting close to optimal for an HN post. Too bad it wasn't programmed with Erlang. :)


Interesting. The previous method I was aware of for cracking a combination lock of this type required a maximum of 80 attempts. I'll have to try out the new technique manually.


Details here:

https://www.youtube.com/watch?v=qkolWO6pAL8&feature=iv&src_v...

He exploits the fact that the last dial impinges on the shackle collar to reduce it to 8 attempts. A small manufacturing change could raise it back to the higher number of attempts.


> A small manufacturing change could raise it back to the higher number of attempts.

Even 80 attempts isn't a tall barrier when you're cracking in an automated fashion.


It's not even a particularly tall barrier for cracking manually.

The face of the lock implies 64000 combinations. Knowledge of the internals reduces that by 99.875%. That's almost 3 whole orders of magnitude, and reduces the absolute worst case scenario for opening the lock to about 45 minutes. The attack need not take place all at the same time, either, and once completed, the lock can be opened in the same amount of time an authorized opener takes.

Don't use this type of lock to protect anything valuable, kids. It deters snoops and casual thieves only. Use it to secure your bike, and both may be gone when you return.



Not 3D printed, but lock pick guns are the device you want:

http://en.wikipedia.org/wiki/Snap_gun

With fine enough resolution and strong enough materials, something that reaches in and precisely manipulates each pin to hold them at the correct height would be really cool, but it's probably beyond our current materials.


It does seem like nothing more than a sensing + manipulator problem. But as far as I know, sensors still aren't up to human abilities when it comes to tactile and auditory sensing.


I have a sincere question: are 3D printing materials strong enough to print a useful lock picking set? The pieces need to be extremely thin to fit into an average sized keyhole.

Fortunately you can buy a lock picking set pretty easily and inexpensively. I have a Sparrow lock picking kit, and IIRC it was around $20


I'm just an amateur lock-picker, but AFAIK plastics would be completely unsuitable for use as general lock-picking tools. Maybe for circular/tube-type locks -- but I doubt it.

Might be easy to print parts of a tubular lockpick/universal key(ing) tool.

For regular lock picks, metal 3d printers might work -- I'm not sure how brittle thin pieces would be. But those things cost a fortune, so I think making by hand would make much more sense.


You could also shim the lock open pretty quickly with a scrap of aluminum from a beverage can. Examples...

https://www.youtube.com/watch?v=GBOvt2VH5B0

https://www.youtube.com/watch?v=jY_Q7nK6550


The thinner pieces of metal from inside the anti-theft white plastic things on DVDs, expensive tools, etc work way better (and less likely to cut you) than aluminum can bits.


With quite a few locks, you could do the same with an ordinary credit card (or other plastic card of the same dimensions) if the bolt is exposed to the outside (which is common on older doors with worn/deteriorated trim, since the piece of trim blocking direct access to the bolt is usually a separate piece of wood from the rest of the door frame, allowing one to slip the card between it and the frame).


Why pick the lock? Print the key. Scan key hole, print key, open lock.


I think the best you could do just by examining the lock without opening it would be to figure out the wards (equivalent to figuring out what key blank the key is cut from). I'm not sure what sort of "scanning" would tell you where all the pin shear points were, which would be necessary to cut (or print) the notches into the key at the right depths.


How many pins? What number of heights for shear points? The pins' resting height must have some correlation with length (weight) reducing the search space and the number of keys or key-fragments that need to get built.

I am talking about getting a sensor _into_ the lock not just looking at the outside.

http://www.researchgate.net/profile/Joachim_Hornegger/public...


The pin resting height on common locks is constant. A spring drives the top pin against the bottom pin against the bottom of the column. Without moving the pins, you don't get any info. If you can move the pins, you might as well just have the "sensor" pick the lock...


That would indeed be lock-picking; the difference between that and a decoder pick would be that the scanner and the key itself would be different devices.


While cool, those types of locks are more quickly solved with a hammer and large screwdriver; well, the screwdriver just makes it easier.


Not if you want to leave no trace. Say you want to break in, install a keylogger, and then leave.


While impressive, after watching his videos it becomes apparent it's a vulnerability in that one particular model of lock. Not quite as impressive.


I thought it was most interesting because it shows an automated mechanical sensing device that exploits a common lock. Many other types of locks can be picked by a human using sensory feedback and some basic techniques. It seems like not too big a jump to see this kind of device being built for other locks and even a more general purpose device being built for a wide range of locks.


Metasploit for devices. With drones, ascenders and brute force, physical security is dead. Anything too tedious for a human will be done by a robot. Witness the touch screen robots that can unlock numeric passwords on smart phones.


The next step up is to make it more general. Put a microphone in contact with the lock and listen. Upgrade the CPU to a Raspberry Pi or have it talk to a smartphone. That could work for locks up to medium-grade safe locks.


Not just a microphone but an array of microphones, use a parallella to deconvolve signal. Based on known mechanism designs one could almost image the lock internals in realtime.


You, sir, are an evil genius.

I wondered if other passive methods (radiography) would be applicable but they all seem to rely upon having a sensor behind the subject. I suppose your suggestion would be something like sonar, however I cannot find any clear references to the difficulties of the applications of such techniques through solids. Did find this interesting tidbit, though: http://en.wikipedia.org/wiki/Anti-frogman_techniques#Ultraso...



Good links. I think I'd seen one of them before but still very interesting in aggregate. Perhaps time to take to the off-grid lifestyle, or perhaps the oceans?


After my solar flare inducing laser, there will be no grid.


Sure, but it's the most common day-to-day locker lock. Not too shabby.



