MIT Researchers: Printable Keys Make Mechanical Locks Insecure

94 points | geektips | 12 years ago | dailytech.com

57 comments

[+] emhart|12 years ago|reply
And another thing! The French Patent office many years ago ceased allowing patents on keys that did not have a movable element, which led to the development of many keys that cannot be readily duplicated without access to either the restricted blanks or very serious equipment & knowhow with which to make the blanks. These systems remain well outside the realm of 3D printing. DOM Saturn[0], Mul-T-Lock Interactive (and up), Vachette Radial[2] and a handful of others.[3]

Mechanical locks are far from dead, but I'd love if someone reading this took it as a challenge to reproduce keys with movable components. I'm a big proponent of pushing these systems and finding ways to circumvent them, using any technology available. I just don't like it when the response is to throw the baby out with the bathwater.

[0] http://www.dom-sicherheitstechnik.com/DOM-ix-Saturn.667.0.ht... [1] http://www.mul-t-lockusa.com/614.html [2] http://www.vachette.fr/fr/site/Vachette/Systemes-de-Securite... [3] http://www.lockpicking101.com/viewtopic.php?f=9&t=56691

(edited to add links)

[+] s_q_b|12 years ago|reply
You can make an electronic bump key that will open most doors for <$100, most buildings have windows (cover them in duct tape to break without noise), and even the wire mesh in the walls of a "secure" building can be cut with thermite. If you want real physical security you're going to need much harder materials: steel, titanium, tungsten, concrete.

This comment captures the security problem well.

> "[Locks] are more of a tamper-evident seal, or a delay tactic. The issue with bumping, picking, carding, and 3d-printing is how it invalidates the current approaches towards those two aspects."

However, of those options, 3D-printing is clearly the worst. Bump keys and carding latches take seconds, picks minutes, and 3D printers hours. It seems that the only situation this method would be useful is with advance access to a key, a radial-pin lock, and a free 3D printer.

[+] kansface|12 years ago|reply
3D printing is useful for not attracting attention during or after the fact. Also, it requires no skill to perform, just a photo.
[+] emhart|12 years ago|reply
Human behavior toward keys makes mechanical locks insecure. We've been able to reproduce keys, even fairly complex ones, well before 3D printers came along. Get a clean enough impression/scan/photograph and we can make it happen, perhaps 3D printing is seen as making it more accessible to the general population.

I'm about to go on a whole thing here, so let me first say that I am excited about their work and I have personally been pushing for years to see more high security key printing happening (see Nirav Patel's Abus Plus key printing[0])

What I take umbrage with is the idea that this development is going to be the death of mechanical locks. Even the suggestion that it _should_ be the death of mechanical locks. In the Forbes article [1] one of the students behind this work suggested that his goal was the elimination of mechanical locks:

"If we show that mechanical locks are vulnerable to key duplication just by having a handful of numbers you can download off the internet, hopefully they'll be phased out more quickly," says Van Albert.

What this fails to address is that the cuts on your key are supposed to be a secret, and your behavior toward your keys should be the same as your behavior toward a password. You don't pass it around and you are very careful about who you trust it with.

I also dislike the characterization of the discovery of the "numbers" in the main and sidebar bittings. That information has been publicly available and the suggestion that they "reverse-engineered" (from their abstract submitted to defcon)[2] the lock is a bit dramatic. Better, I think, to say that they "read the documentation."

Obviously I have a chip on my shoulder when it comes to mechanical security, but I am confident saying that any call for the blanket abolition of mechanical locks is short-sighted and narrow-minded. This could have been an amazing opportunity to address human behavior as it relates to mechanical security, but instead it was wasted on the age-old call for the death of locks. There remain myriad places where a traditional lock is still required, there are myriad populations who are not able to sustain electronic locks.

If the day does come when mechanical locks can be left to the dust of history, it will be more likely the result of dramatic shifts in society than in technology. It will be the death of all locks, not just mechanical ones.

[0] https://github.com/nrpatel/PhysicalKeygen/blob/master/abus_p... [1] http://www.forbes.com/sites/andygreenberg/2013/08/03/mit-stu... [2] https://www.defcon.org/html/defcon-21/dc-21-speakers.html#La...

[+] paulgerhardt|12 years ago|reply
While not the same authors as the guys in question, I also gave a talk on key duplication at DEF CON this year. My two main points:

1) A difference in scope means a difference in kind. Using a service such as KeysDuplicated (formerly Shoosl[1]) from your mobile phone enables opportunities. These opportunities break previous assumptions in the security threat model but can also lead to new business opportunities (see for instance Prim[2] - a laundry service that will come into your home if you send them a photo of your key; they will then find and do your laundry.)

2) The huge missing element here, which has been a necessity in computer security for years, is monitoring. For many, many people, replacing the lock or installing an alarm may not be an option. My company makes a device that fits over your lock and alerts you when someone uses a key (or bumps your door, or comes in without your permission, etc)[3]. It also allows you to grant virtual keys to actuate the lock - enabling use cases like Prim without having to fabricate a physical, non-revocable access token.

[1] http://keysduplicated.com/ [2] https://getprim.com/ [3] https://lockitron.com/

[+] rcthompson|12 years ago|reply
> the cuts on your key are supposed to be a secret

I don't think the average mechanical key user is aware of this fact.

I wonder if someone makes keys that hide their cuts during normal use. For example, a cylindrical key with the cuts on the inside of the cylinder.

[+] lsc|12 years ago|reply
> What this fails to address is that the cuts on your key are supposed to be a secret, and your behavior toward your keys should be the same as your behavior toward a password. You don't pass it around and you are very careful about who you trust it with.

Well, if we are treating it as passwords, then we need to give every individual with access to the building their own key, with a different secret.

I mean, we all know that shared 'role' accounts are a bad thing, right? You don't share passwords.

Now, taking the password situation further, many places have a mechanical "root access" lock, with an electronic lock for all the 'users' - which makes a lot of sense to me. (Further, much like non-sudo root on a server, it'd make sense that actual use of this 'root level access' should generate a log or alert somewhere, as even the admins should normally use their account and sudo as needed.)

[+] samstave|12 years ago|reply
There should be a key that has a retractable sleeve over it which gets pressed up into the handle portion of the key as you slide it into the lock, basically shrouding the key cuts from visibility at all times.
[+] H3g3m0n|12 years ago|reply
It has been possible to produce dupes of keys for ages now the old fashioned way. 'Printable' keys is just adding novelty.

More of a concern is bump keys and the fact that Lockwood dominate the industry when they can be opened with 2 paperclips (although you do have to flatten them with a hammer). You can also get lockpicks and pickguns off the internet for under $20 delivered to your house.

[+] w3pm|12 years ago|reply
Is this surprising? I'd imagine 3D printing would be capable of replicating the form of nearly any solid object that fits within the bounded volume of a given 3D printer.
[+] unknown|12 years ago|reply

[deleted]

[+] sp332|12 years ago|reply
I think this is more about acquiring the information. You have to know exactly how tall to make the cuts, where the grooves go, how long it is, etc. It's difficult information to get from a photo, if you don't have prior knowledge of the kind of key you're trying to imitate.
[+] epoxyhockey|12 years ago|reply
I looked at making 3D-printed keys for my own locks, just for show (think yellow key, green key, etc).

I found two issues when researching its feasibility: printing accuracy and temperature range of the plastic. My results were that the lower-cost 3D printers didn't have the required precision, and more importantly, the printed plastic would simply melt if it sat in a hot car during the summer.

My research is probably out of date now, so I wonder what kind of plastic is being used these days.

[+] nrp|12 years ago|reply
The accuracy and precision are sufficient for some keys using low cost 3D printers. I got simple pin and tumbler and disc detainer keys working off of my RepRap.[0]

It requires some knowledge of the tolerances of the specific printer and lock. For example, the disc detainer model has wider cutouts than the discs require to account for blobbing corners on the print.

Using something like a Formlabs 1 printer, that probably is no longer necessary.

[0]: https://github.com/nrpatel/PhysicalKeygen

[+] malandrew|12 years ago|reply
Interestingly, just posting a photo of the NYC master key set should be enough to duplicate them. Has anybody already gone from that photo to 3D models to a set of functioning NYC skeleton keys?

TBH, there is no reason that the city should be using such archaic key types. In Brazil, they typically used a four sided key like a Phillips head screwdriver that would need to be photographed from at least two sides to be able to reproduce.

[+] stcredzero|12 years ago|reply
Would it be possible to combine a parametric model of a given type of key with a device that can detect where the shear line is for each pin? I'm envisioning a device that you can stick into the lock one day, then go away and extract data that describes the key, which you feed into a parametric model, which you then use to produce the correct key using a 3D printer. Then you come back the next day and use this perfectly valid key to compromise physical security.

A device which can do such detection could be far less expensive than a device to both detect and actuate the pins.

[+] at-fates-hands|12 years ago|reply
>>>>All you need is a friend that works there, or to take a picture of their key, or even a picture of the key hanging off their belt.

I'm wondering how you can replicate a poorly taken smartphone camera image into a key that would unlock a high security lock. If you can't see the grooves clearly on the key from the photo, how does the software or printer know where the grooves should go? I feel like this is quite a stretch to think you can take a photo of a lock several feet away and get an exact duplicate from a 3D printer.

[+] tghw|12 years ago|reply
I went to their DEFCON talk. The key is to realize that there are only a set number of positions for the pins, specifically six, three high and three low (for the sidecut. I believe there are also six positions for the main pins). If you can recognize the positions from the photo, then you can feed the numbers into the code they're publishing that generates a 3D model.
[+] luscious|12 years ago|reply
That's it Schlage. Time for 2-factor authentication key-rings.

Schlage Master Security (SMS) "Turn the key, type the text"

[+] superuser2|12 years ago|reply
Good. Can we finally have contactless smart card access control in the mainstream now?

The audit and management features of an electronic access control system already make mechanical keys inexcusable on any door that >1 person needs to open. Hopefully revelations like this will push more organizations to upgrade.

[+] parineum|12 years ago|reply
What if you need to use your lock when the power is out?
[+] alternize|12 years ago|reply
I wonder if one could really copy more advanced keys (e.g. the ones from KABA [0] are pretty common here) by just having some scans of the keys. These keys generally have different layouts on each side, and sometimes also on the small top/bottom sides. So just a snapped photo definitely would not be sufficient. And even with flatbed scanners like the team in the article used, capturing the depth of the holes might be problematic...

[0] http://www.kaba.com/access-control/en/Products-Solutions/Mec...

[+] fragmede|12 years ago|reply
You'd need four pictures - two of each side, to capture enough information to generate a 3d-model, instead of just the one.

Better, but still vulnerable.

[+] gcb0|12 years ago|reply
This is lame beyond belief.

Do you know how in the 80's and 90's everything that everyone was already doing was 'changing' because of computers?

It's the same now with 3D printers. Forever you could duplicate a key in a machine with just a picture of the original. Just because the machine to duplicate it became easier, it's not going to change the world. Dammit, you could already do the same with a blank and a hand file, it would just take 40~200min depending on skill instead of 5~15min on the machine.

[+] Stwerp|12 years ago|reply
But MIT did this, so we should carefully point that out in the title so it is newsworthy. </unbridled snarkiness>
[+] denysonique|12 years ago|reply
That website has a memory leak. I left it open for about 10-15min and it ate 2GB of my ram.
[+] Digit-Al|12 years ago|reply
The site crashed Firefox almost immediately and died in Chrome after a few minutes on my laptop.
[+] donpdonp|12 years ago|reply
In other news, obvious consequence is obvious.
[+] geektips|12 years ago|reply
Have to fix this problem without changing to advanced systems
[+] hackula1|12 years ago|reply
So do hammers.
[+] dictum|12 years ago|reply
Intrusion with a 3D-printed key is deniable, while breaking a lock isn't. Someone could enter your house with a printed key and you'd never know it; a destroyed lock would immediately tell you someone broke (or tried to break) into your house.