by mh » 10 Feb 2007 16:52
Hi,
So here is my latest (& I think quite novel) idea:
Let's make the perfect, unpickable, nearly undestroyable lock!
(1) Selfmade:
So nobody else knows how to make additional keys with the correct code. Not the guy who sold it to me, not the manufacturer (well, yes, but that's myself).
(2) Unpickable:
So nobody can manipulate the lock.
(3) Nearly undestroyable:
With lots of metal and other stuff in the way of any destructive tool.
Ok, this part wasn't so novel, but here are the other parts of my idea:
(4) Electronic:
Because I believe that making a nearly undestroyable lock myself, I would have to rely on "lots of metal and other stuff", and then there is not much space left for a mechanical locking mechanism...
Therefore... place electronics on the inside of the door, and "lots of metal and other stuff" on the outside.
And just a short keyway to be able to assert torque.
(5) Open Source Software:
Now that's the novel idea.
Because we write the software for the electronics ourselves, we know what's in there - we know there's no backdoor, and we know about the strength of the cryptography we use.
Whoever wants to use the lock, can build and download the software themselves, and can therefore be certain that no one else has manipulated it, or knows the "key codes".
As a picture can say more than 1000 words - here is a 1st drawing of the idea - in Euro cylinder form, because that would be my first application:
The idea would be to have only a thin axle going through the otherwise rather massive outside part of the lock,
and a clutch mechanism that connects this axle to the bolt -
when the correct key is present.
To check whether the correct key is present, would involve the lock sending a message to the key ("Hi, I'm your lock, and I would like to prove it by adding my cryptographic signature to this random value I just selected") and the key responding with another message ("Hi, I'm the key, and I can prove it by returning my cryptographic signature for that random value").
I'm currently wondering what the best way to exchange these messages might be -
electric contacts could be used to maliciously inject high voltage and stuff like that, so I thought that should be avoided.
Maybe optical transmission through a light guide might be appropriate, as long as the light guide's opening doesn't present a potential bypass path.
Or RF transmission; that could be intercepted, but the cryptography just needs to be strong enough; and it might not work properly on steel doors.
Anyway - what do you think of this idea?
Is it worthwhile to follow-up on that?
Would you be interested in working on such project?
Go ahead & tell me all the flaws...
Cheers,
mh
"The techs discovered that German locks were particularly difficult" - Robert Wallace, H. Keith Melton w. Henry R. Schlesinger, Spycraft: The secret history of the CIA's spytechs from communism to Al-Qaeda (New York: Dutton, 2008), p. 210
-
mh
- Moderator
-
- Posts: 2437
- Joined: 3 Mar 2006 4:32
- Location: Germany
-
by UWSDWF » 10 Feb 2007 17:07
i wouldn't call it indestructible but a neat idea... of course I am completely baffled by it but cool nonetheless
 DISCLAIMER:repeating anything written in the above post may result in dismemberment,arrest,drug and/or alcohol use,scars,injury,death, and midget obsession.
-
UWSDWF
- Supporter

-
- Posts: 4786
- Joined: 27 May 2006 13:01
- Location: Toronto, ON. Canada
by mh » 10 Feb 2007 17:40
UWSDWF wrote:i wouldn't call it indestructible
Maybe "nearly indestructible" would be sufficient.
Of course the level of these Government / Military Padlocks with those neat Ceramic Inserts would be nice...
What would be a good source for such 'hard' materials?
-
mh
- Moderator
-
- Posts: 2437
- Joined: 3 Mar 2006 4:32
- Location: Germany
-
by UWSDWF » 10 Feb 2007 18:15
it's costly but you could have titanium milled up for it... heat resistant... very hard... pretty
-
UWSDWF
- Supporter

-
- Posts: 4786
- Joined: 27 May 2006 13:01
- Location: Toronto, ON. Canada
by gostone » 11 Feb 2007 1:13
Titanium is also brittle!
A Canadian is merely an unarmed American with health care.
- John Wing
-
gostone
-
- Posts: 153
- Joined: 8 Nov 2006 23:59
- Location: Toronto
by grim » 11 Feb 2007 1:42
mh wrote:Let's make the perfect, unpickable, nearly undestroyable lock!
that quest has been on for thousands of years. remember: "anything can be made foolproof, but NOTHING can be made damnfool proof."
mh wrote:(2) Unpickable: So nobody can manipulate the lock.
not gonna happen. no system is perfect. there is always a hole. if there wasn't then keys wouldn't work either.
mh wrote:(3) Nearly undestroyable: With lots of metal and other stuff in the way of any destructive tool.
if military-grade vehicles can be taken out, then what would prevent this lock from being mooshed out of existence?
mh wrote:The idea would be to have only a thin axle going through the otherwise rather massive outside part of the lock, and a clutch mechanism that connects this axle to the bolt - when the correct key is present.
To check whether the correct key is present, would involve the lock sending a message to the key ("Hi, I'm your lock, and I would like to prove it by adding my cryptographic signature to this random value I just selected") and the key responding with another message ("Hi, I'm the key, and I can prove it by returning my cryptographic signature for that random value").
so, in essence, you're talking about a combination of mechanical and electronic locking mechanisms. mechanical can be manipulated and electronic can be hacked or bypassed.
mh wrote:electric contacts could be used to maliciously inject high voltage and stuff like that, so I thought that should be avoided.
Maybe optical transmission through a light guide might be appropriate, as long as the light guide's opening doesn't present a potential bypass path.
any path to the "outside world" will present a potential method for bypass, destruction, nullification or manipulation. a little sanding of the front lens of the light pipe can reduce the signal enough to make the lock stop functioning altogether.
mh wrote:Or RF transmission; that could be intercepted, but the cryptography just needs to be strong enough; and it might not work properly on steel doors.
rsa-esque/pub-key encryption then? you'd need a pretty hefty computer behind that lock to supply enough horsepower to crunch all those numbers on the fly. any system that relies on active computing to generate public keys on the fly is not going to be practical until there are some serious leaps in technology. how big would the key need to be if it required active computations to respond to the lock?
mh wrote:Anyway - what do you think of this idea? Is it worthwhile to follow-up on that? Would you be interested in working on such project?
Go ahead & tell me all the flaws...
Cheers, mh
although your dream is admirable, i sincerely doubt that at this point in time that it's practical. keep at it though, some day you might hit on something that a jaded ol' [term for someone born out of wedlock] like me can't rip apart.
grim
Remember: Anything can be made "Foolproof", but nothing can be made "Damnfool Proof".
if i post it here, it STAYS here unless you have explicit permission from myself or the admins of this site.
-
grim
-
- Posts: 146
- Joined: 1 Mar 2006 13:39
- Location: central pennsylvania, USA
-
by mh » 11 Feb 2007 4:02
Thanks for the comments!
grim wrote:mh wrote:(3) Nearly undestroyable: With lots of metal and other stuff in the way of any destructive tool.
if military-grade vehicles can be taken out, then what would prevent this lock from being mooshed out of existence?
Sure, but I think most people will accept a lock that's as strong as the door, no need to go further. And I think that could be achievable.
grim wrote:so, in essence, you're talking about a combination of mechanical and electronic locking mechanisms. mechanical can be manipulated and electronic can be hacked or bypassed.
I was thinking of a mechanical part that can only be bypassed destructively, but not easily (see above), and an electronic part that has the power of a lot of bright minds behind it - as in Open Source Software - and therefore cannot be hacked or bypassed - just as PGP with long key lengths can currently not be hacked or bypassed. That's the part of the idea that I like the most. I agree that there are security holes in lots of software systems - Windows or Linux or ... - but it is possible to design such a small embedded system like an electronic lock without such holes. It might take more than one iteration, but again, that's where the power of a lot of bright minds comes into play.
grim wrote:mh wrote:electric contacts could be used to maliciously inject high voltage and stuff like that, so I thought that should be avoided.
Maybe optical transmission through a light guide might be appropriate, as long as the light guide's opening doesn't present a potential bypass path.
any path to the "outside world" will present a potential method for bypass, destruction, nullification or manipulation. a little sanding of the front lens of the light pipe can reduce the signal enough to make the lock stop functioning altogether.
Correct. That part of the design is necessarily a trade-off between comfort, protection against Denial-Of-Service, and protection against manipulation. Denial-Of-Service attacks are always possible on each kind of lock - from chewing gum & super glue to welding equipment -, the question would be - how difficult does that need to be. Open for discussion, of course.
grim wrote:rsa-esque/pub-key encryption then? you'd need a pretty hefty computer behind that lock to supply enough horsepower to crunch all those numbers on the fly. any system that relies on active computing to generate public keys on the fly is not going to be practical until there are some serious leaps in technology. how big would the key need to be if it required active computations to respond to the lock?
Why would you need to create the keys on the fly?
It seems practical to me to just *sign* messages using pre-generated keys.
And that's possible with current embedded systems.
Again, thanks for the comments,
I hope I find some people here that are interested in this type of "analog hacking" - remember, hacking is not only about manipulating existing things, it's also about making new things -
and we can start a dialogue on that
Cheers,
mh
-
mh
- Moderator
-
- Posts: 2437
- Joined: 3 Mar 2006 4:32
- Location: Germany
-
by TOWCH » 11 Feb 2007 6:06
Hmm, 1mm fiber optic keyway through a solid steel euro cylinder with no tail piece to weaken it. Put a 90 degree elbow on the inside, and then run fiber to the actual lock placed above or below on the door. The distance is random to prevent drilling. Use an infrared LED to transmit the code, and a transponder to disable the key when not in use. Power the key using a power source independent from the lock. You could use just about any palm computer with an infrared port as the lock electronics, and the bolt could be a stepper motor driven deadbolt maybe salvaged from a Kwikset electronic. The key can be a rolling code challenge response XOR for the benefit of size? If it looked identical to a generic keychain light all the better.
-
TOWCH
-
- Posts: 1587
- Joined: 20 Jul 2004 0:19
- Location: Oregon
by TOWCH » 11 Feb 2007 6:12
Oh, and make the keys reprogrammable. The palm computer can generate a new code list and update the key as necessary. I think it would be ideal if the key was camouflaged as a normal keychain light. All this could be coded in java and wouldn't be hard to source the materials.
-
TOWCH
-
- Posts: 1587
- Joined: 20 Jul 2004 0:19
- Location: Oregon
by mh » 11 Feb 2007 9:14
TOWCH,
I like the 2-part concept, as you described, together with a decoy;
that would be a nice option if it fits the door.
For my door, I'm looking for a manually operated Euro cylinder, that will move an existing multi-point locking system - pretty high torque required.
Concealing the key as something else is a nice idea, too. However it somehow conflicts with the concept of Open Source that specifically does NOT rely on so-called 'security by obscurity'.
About the authorization method; I thought of rolling codes, too - the part I don't like about it is that someone with brief access to the key could 'steal' an access code that would work until the key is used the next time.
Of course that could be done with challenge-response-methods and "cellphone-in-the-middle", too,
but adding time constraints would make such attacks very difficult; after all, most ready-to-use radio links have a considerable transmission delay.
Plus, one could add a keypad or other push-keys-in-a-sequence-type authorization methods to the key.
Cheers,
mh
-
mh
- Moderator
-
- Posts: 2437
- Joined: 3 Mar 2006 4:32
- Location: Germany
-
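The challenge-response exchange discussed in the posts above (pre-generated keys, a fresh random value per attempt, a response-time limit), as an added example that is not code from any poster in this thread. HMAC-SHA256 with a pre-shared key stands in for the "cryptographic signature" the posts mention, and the names `Lock`, `key_respond`, `tag` and the 50 ms limit are assumptions.

```python
import hashlib
import hmac
import secrets

MAX_RTT = 0.05  # assumed response-time limit in seconds, to hinder relaying

def tag(key, role, nonce):
    # The role label stops a lock tag being reflected back as a key response.
    return hmac.new(key, role + nonce, hashlib.sha256).digest()

class Lock:
    def __init__(self, key):
        self.key = key
        self.pending = None  # (nonce, issue time) of the one open challenge

    def challenge(self, now):
        nonce = secrets.token_bytes(16)  # fresh random value per attempt
        self.pending = (nonce, now)
        return nonce, tag(self.key, b"lock", nonce)

    def verify(self, response, now):
        if self.pending is None:
            return False
        nonce, issued = self.pending
        self.pending = None  # a challenge can be answered only once
        if now - issued > MAX_RTT:
            return False
        return hmac.compare_digest(response, tag(self.key, b"key", nonce))

def key_respond(key, nonce, lock_tag):
    # The key answers only a challenge tagged by its own lock.
    if not hmac.compare_digest(lock_tag, tag(key, b"lock", nonce)):
        return None
    return tag(key, b"key", nonce)

def demo():
    shared = secrets.token_bytes(32)  # pre-generated once, at pairing
    lock = Lock(shared)
    n, t = lock.challenge(now=0.0)
    captured = key_respond(shared, n, t)
    fresh = lock.verify(captured, now=0.01)
    lock.challenge(now=1.0)  # later attempt: new nonce
    replayed = lock.verify(captured, now=1.01)
    n, t = lock.challenge(now=2.0)
    late = lock.verify(key_respond(shared, n, t), now=2.4)
    rogue = key_respond(shared, n, tag(b"constructed-other-key", b"lock", n))
    return fresh, replayed, late, rogue
```

`demo()` returns `(True, False, False, None)`: the fresh response opens, a response captured earlier fails against the next nonce (unlike a stolen rolling code), a response arriving after the time limit is refused, and the key stays silent for a challenge not tagged by its own lock.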
by unbreakable » 11 Feb 2007 9:24
I'm likin this more and more....
Now, as for the lock, how about something like this http://www.toool.nl/blackbag/?p=42
You'd need specialized picks to pick it, and if you built it on an interlocking pin design (like Emhart) It should be darn near impossible to pick. I'm thinking like 11 interlocking pins, plus the check dimples, and the Anti pull protection as shown in the original lock.
-
unbreakable
-
- Posts: 1682
- Joined: 28 Oct 2005 18:55
- Location: Nova Scotia, Canada
by Shrub » 11 Feb 2007 12:28
Unfortunately still open for snapping,
I think the breakthrough would be to make a lock in the euro sized package that does away with the inherent weakness (snap to secure shouldn't be included as they are just as easy to get around) then worry about adapting the mechanics to make it survive picking attacks,
I do love the idea of open source software for the lock and the other ideas you have and think there's something workable in that if the lock package was different,
-
Shrub
- Moderator Emeritus
-
- Posts: 11576
- Joined: 23 May 2005 4:03
- Location: uk
by illusion » 11 Feb 2007 12:34
Hmmm.. I think this is where the computer hacking world meets the lock hacking world - could have interesting results. 
-
illusion
-
- Posts: 4567
- Joined: 2 Sep 2005 13:47
by JackNco » 11 Feb 2007 13:08
Very cool idea. but a smaller version of what you are describing is already on the market.
http://www.videx.com/products/listing.html
Very cool little locks, if anyone has one I'd love to have a play with one as I've seen an iPod mod which I think could be used to bypass these. I don't say any more as...
1 - It's advanced material
2 - I have no idea if it would work without testing it
3 - If it does work I'd love to be the first to publish it.
All the best
-
JackNco
-
- Posts: 3149
- Joined: 14 Apr 2006 12:26
- Location: Coventry. UK
by mh » 11 Feb 2007 13:11
Shrub wrote:I think the breakthrough would be to make a lock in the euro sized package that does away with the inherent weakness (snap to secure shouldn't be included as they are just as easy to get around) then worry about adapting the mechanics to make it survive picking attacks,
I do love the idea of open source software for the lock and the other ideas you have and think there's something workable in that if the lock package was different,
I was told quite often that non-snappable Euro cylinders DO exist - those which are built from several pieces, with very strong middle pieces - such as KESO. The reason I was told is: before they snap, the sash lock gets bent and will not open anymore even if the cylinder was removed.
I never tried it myself, but it sounds sensible to me.
If someone could source those middle pieces, the other pieces could be designed to match them.
Also the design I have in mind could have a strong connection between both sides at the 'cam' part as well.
Or - what other lock package would you think about?
-
mh
- Moderator
-
- Posts: 2437
- Joined: 3 Mar 2006 4:32
- Location: Germany
-