
MIT Researchers: Printable Keys Make Mechanical Locks Insecure - geektips
http://www.dailytech.com/MIT+Researchers+Printable+Keys+Make+Mechanical+Locks+Insecure/article33112.htm
======
emhart
And another thing! The French Patent office many years ago ceased allowing
patents on keys that did not have a movable element, which led to the
development of many keys that cannot be readily duplicated without access to
either the restricted blanks or very serious equipment & knowhow with which to
make the blanks. These systems remain well outside the realm of 3D printing.
DOM Saturn[0], Mul-T-Lock Interactive (and up), Vachette Radial[2] and a
handful of others.[3]

Mechanical locks are far from dead, but I'd love if someone reading this took
it as a challenge to reproduce keys with movable components. I'm a big
proponent of pushing these systems and finding ways to circumvent them, using
any technology available. I just don't like it when the response is to throw
the baby out with the bathwater.

[0] [http://www.dom-sicherheitstechnik.com/DOM-ix-
Saturn.667.0.ht...](http://www.dom-sicherheitstechnik.com/DOM-ix-
Saturn.667.0.html) [1] [http://www.mul-t-lockusa.com/614.html](http://www.mul-
t-lockusa.com/614.html) [2] [http://www.vachette.fr/fr/site/Vachette/Systemes-
de-Securite...](http://www.vachette.fr/fr/site/Vachette/Systemes-de-Securite-
test/?productId=691126)
[3][http://www.lockpicking101.com/viewtopic.php?f=9&t=56691](http://www.lockpicking101.com/viewtopic.php?f=9&t=56691)

(edited to add links)

------
s_q_b
You can make a electronic bump key that will open most doors for <$100, most
buildings have windows (cover them in duct tape to break without noise), and
even the wire mesh in the walls of a "secure" building can be cut with
thermite. If you want real physical security you're going to need much harder
materials: steel, titanium, tungsten, concrete.

This comment captures the security problem well.

> "[Locks] are more of a tamper-evident seal, or a delay tactic. The issue
> with bumping, picking, carding, and 3d-printing is how it invalidates the
> current approaches towards those two aspects."

However, of those options, 3D-printing is clearly the worst. Bump keys and
carding latches takes seconds, picks minutes, and 3D printers hours. It seems
that the only situation this method would be useful is with advance access to
a key, a radial-pin lock, and a free 3D printer.

~~~
kansface
3D printing is useful for not attracting attention during or after the fact.
Also, it requires no skill to perform, just a photo.

------
emhart
Human behavior toward keys makes mechanical locks insecure. We've been able to
reproduce keys, even fairly complex ones, well before 3D printers came along.
Get a clean enough impression/scan/photograph and we can make it happen,
perhaps 3D printing is seen as making it more accessible to the general
population.

I'm about to go on a whole thing here, so let me first say that I am excited
about their work and I have personally been pushing for years to see more high
security key printing happening (see Nirav Patel's Abus Plus key printing[0])

What I take umbrage with is the idea that this development is going to be the
death of mechanical locks. Even the suggestion that it _should_ be the death
of mechanical locks. In the Forbes article [1] One of the students behind this
work suggested that his goal was the elimination of mechanical locks:

"If we show that mechanical locks are vulnerable to key duplication just by
having a handful of numbers you can download off the internet, hopefully
they'll be phased out more quickly," says Van Albert.

What this fails to address is that the cuts on your key are supposed to be a
secret, and your behavior toward your keys should be the same as your behavior
toward a password. You don't pass it around and you are very careful about who
you trust it with.

I also dislike the characterization of the discovery of the "numbers" in the
main and sidebar bittings. That information has been publicly available and
the suggestion that they "reverse-engineered" (from their abstract submitted
to defcon)[2] the lock is a bit dramatic. Better, I think, to say that they
"read the documentation."

Obviously I have a chip on my shoulder when it comes to mechanical security,
but I am confident saying that any call for the blanket abolition of
mechanical locks is short-sighted and narrow-minded. This could have been an
amazing opportunity to address human behavior as it relates to mechanical
security, but instead it was wasted on the age-old call for the death of
locks. There remain myriad places where a traditional lock is still required,
there are myriad populations who are not able to sustain electronic locks.

If the day does come when mechanical locks can be left to the dust of history,
it will be more likely the result of dramatic shifts in society than in
technology. It will be the death of all locks, not just mechanical ones.

[0]
[https://github.com/nrpatel/PhysicalKeygen/blob/master/abus_p...](https://github.com/nrpatel/PhysicalKeygen/blob/master/abus_plus.scad)
[1] [http://www.forbes.com/sites/andygreenberg/2013/08/03/mit-
stu...](http://www.forbes.com/sites/andygreenberg/2013/08/03/mit-students-
release-program-to-3d-print-high-security-keys/) [2]
[https://www.defcon.org/html/defcon-21/dc-21-speakers.html#La...](https://www.defcon.org/html/defcon-21/dc-21-speakers.html#Lawrence)

~~~
rcthompson
> the cuts on your key are supposed to be a secret

I don't think the average mechanical key user is aware of this fact.

I wonder if someone makes keys that hide their cuts during normal use. For
example, a cylindrical key with the cuts on the inside of the cylinder.

~~~
btbuildem
You could make a telescoping sheath for keys that would hide the cuts when not
used, and retract when the key is pushed into the keyhole.

~~~
emhart
They exist! One maker (who's product didn't last on the market for very long)
back in the 70s or 80s, actually had this sort of obfuscation as a feature on
the key. Basically, the key was a series of connected sections with small
differences between them, they would slide into the lock from the middle of a
spring-loaded sheath and then follow an odd path inside the lock, so neither
observation of the keyway, the sheathed key, or even likely the unsheathed
key, would give you a clear picture of how to reconstruct the interaction
between the sections of the key, or where in the lock they interacted.

Sadly I have no patent reference for the lock, only a description in an old
newspaper that ran a story on the creator.

~~~
gknoy
I wonder how well a silicone or other flexible key-sleeve would work with
existing keys. It might feel somewhat silly, but at least you could color code
your keys as well as protect them.

------
w3pm
Is this surprising? I'd imagine 3D printing would be capable of replicating
the form of nearly any solid object that fits within the bounded volume of a
given 3D printer.

~~~
sp332
I think this is more about acquiring the information. You have to know exactly
how tall to make the cuts, where the grooves go, how long it is, etc. It's
difficult information to get from a photo, if you don't have prior knowledge
of the kind of key you're trying to imitate.

~~~
apendleton
For most key brands, though, the possible pin sizes are finite and discrete,
so you just have to estimate the height of each pin from the picture and round
to the nearest one. It's not that hard.

------
epoxyhockey
I looked at making 3D-printed keys for my own locks, just for show (think
yellow key, green key, etc).

I found two issues when researching its feasibility: printing accuracy and
temperature range of the plastic. My results were that the lower-cost 3D
printers didn't have the required precision, and more importantly, the printed
plastic would simply melt if it sat in a hot car during the summer.

My research is probably out of date now, so I wonder what kind of plastic is
being used these days.

~~~
nrp
The accuracy and precision are sufficient for some keys using low cost 3D
printers. I got simple pin and tumbler and disc detainer keys working off of
my RepRap.[0]

It requires some knowledge of the tolerances of the specific printer and lock.
For example, the disc detainer model has wider cutouts than the discs require
to account for blobbing corners on the print.

Using something like a Formlabs 1 printer, that probably is no longer
necessary.

[0]:
[https://github.com/nrpatel/PhysicalKeygen](https://github.com/nrpatel/PhysicalKeygen)

~~~
emhart
I was fairly annoyed that Forbes failed to acknowledge the Disc Detainer work,
dismissing your 3D printing like so: "though Patel’s software only dealt with
normal keys that can already be duplicated by any hardware store."

------
malandrew
Interestingly, just posting a photo of the NYC master key set should be enough
to duplicate them. Has anybody already gone from that photo to 3D models to a
set of functioning NYC skeleton keys?

TBH, there is no reason that the city should be using such archaic key types.
In Brazil, they typically used a four sided key like a philips head
screwdriver that would need to be photographed from at least two sides to be
able to reproduce.

------
stcredzero
Would it be possible to combine a parametric model of a given type of key with
a device that can detect where the shear line is for each pin? I'm envisioning
a device that you can stick into the lock one day, then go away and extract
data that describes the key, which you feed into a parametric model, which you
then use to produce the correct key using a 3D printer. Then you come back the
next day and use this perfectly valid key to compromise physical security.

A device which can do such detection could be far less expensive than a device
to both detect and actuate the pins.

------
at-fates-hands
>>>>All you need is a friend that works there, or to take a picture of their
key, or even a picture of the key hanging off their belt.

I'm wondering how you can replicate a poorly taken smartphone camera image
into a key that would unlock a high security lock. If you can't see the
grooves clearly on the key from the photo, how does the software or printer
know where the grooves should go? I feel like this is quite a stretch to think
you can take a photo of a lock several feet away and get an exact duplicate
from a 3D printer.

~~~
tghw
I went to their DEFCON talk. The key is to realize that there are only a set
number of positions for the pins, specifically six, three high and three low
(for the sidecut. I believe there are also six positions for the main pins).
If you can recognize the positions from the photo, then you can feed the
numbers into the code they're publishing that generates a 3D model.

------
luscious
That's it Schlage. Time for 2-factor authentication key-rings.

Schlage Master Security (SMS) "Turn the key, type the text"

------
superuser2
Good. Can we _finally_ have contactless smart card access control in the
mainstream now?

The audit and management features of an electronic access control system
already make mechanical keys inexcusable on any door that >1 person needs to
open. Hopefully revelations like this will push more organizations to upgrade.

~~~
parineum
What if you need to use your lock when the power is out?

~~~
clauretano
hand crank. But seriously, build the contactless key in such a way that it
must be inserted and turned like a traditional key, and the battery will last
a very, very long time[0] since you're not using it to mechanically retract
the deadbolt or operate an electronic strike. Then build an LED to warn when
the battery is getting low, giving you months to replace it. Don't use [0]
though, or you'll have a mini-USB port sitting behind a rubber flap on the
non-secure side of your door. Oh wait, you don't even need that to bypass it,
just a paperclip and a few seconds (there was a youtube video of this that
appears to be taken down, I tried it on my own apartment).

[0][http://www.kabamultihousing.com/Products-
Solutions/Multihous...](http://www.kabamultihousing.com/Products-
Solutions/Multihousing-Solutions/RFID/329314/insync-locks.html)

~~~
Mindless2112
Actually, "hand crank" doesn't sound to bad: Power's out? Just crank the door
knob a couple of times and you've generated enough power to open the door
once. (Dunno how feasible that is though.)

------
alternize
i wonder if one could really copy more advanced keys (f.e. the ones from KABA
[0] are pretty common here) by just having some scans of the keys. these keys
generally have different layouts on each side, and sometimes also on the small
top/bottom sides. so just a snapped photo definitely would not be sufficient.
and even with flatbed scanners like the team in the article used, capturing
the depth of the holes might be problematic...

[0] [http://www.kaba.com/access-control/en/Products-
Solutions/Mec...](http://www.kaba.com/access-control/en/Products-
Solutions/Mechnical-Lock-Cylinders/332590/kaba-20.html)

~~~
fragmede
You'd need four pictures - two of each side, to capture enough information to
generate a 3d-model, instead of just the one.

Better, but still vulnerable.

------
gcb0
This is lame beyond believe.

Do you know how in the 80's and 90's everything that everyone was already
doing was 'changing' because of computers.

it's the same now with 3D printers. Forever you could duplicate a key in a
machine with just a picture of the original. just because the machine to
duplicate it become easier it's not going to change the world. dammit you
could already do the same with a blank and a hand file, it would just take
40~200min depending on skill instead of 5~15min on the machine.

~~~
Stwerp
But MIT did this, so we should carefully point that out in the title so it is
newsworthy. </unbridled snarkiness>

------
carsonreinke
A key is a deterrent, nothing more.

------
denysonique
That website has a memory leak. I left it open for about 10-15min and it ate
2GB of my ram.

~~~
Digit-Al
The site crashed Firefox almost immediately and died in Chrome after a few
minutes on my laptop.

------
donpdonp
In other news, obvious consequence is obvious.

------
geektips
Have to fix this problem without changing to advanced systems

------
hackula1
So do hammers.

~~~
dictum
Intrusion with a 3D-printed key is deniable, while breaking a lock isn't.
Someone could enter your house with a printed key and you'd never know it; a
destroyed lock would immediately tell you someone broke (or tried to break)
into your house.

