Is a Keyless LASER Padlock high security?

[vector40]

Binrev?

[illusion]

well i put this into my palm Zire (O.S 5) running omniremote pro... it DOES work, but the batteries of my palm, or the padlock had a tendancy to cut out, but when it worked i was like " WTH! " this is amazing!

m2mike you rule - i'm amazed... this counts as the most high-tech method of picking i have ever used... i am tempted to buy an austin-martin and call myself james bond

[hzatorsk]

...But I would not assume because it is using IR it will be easy to defeat....

IMHO: Probably the most intelligent thing said in this forum.

It is possible to run a OTP encryption over any transmission medium with a PRNG generated unlock code and sequentially updating seed which updates upon feedback from the lock to stay in sync with the key.

If so... you will NEVER break the algorithm by snooping the transmission. Man-in-the-middle would require you to reverse engineer the algorithm as well as determine the immediate seed and in case you can't figure it out on your own... replay attacks would NEVER be successful. But, they could be used to freeze up the lock for 30 seconds to mess with your attack attempts.

In the end... you'll grow old and grumpy attempting to open it.

Of course... the presumption is that I, myself, designed the lock.

(lmao)

hzatorsk

[m2mike]

http://metawire.org/~m2mike/EZlock.zip

[m2mike]

Sorry for the 404. This should work.

http://metawire.org/~m2mike/EZLock.zip

[hzatorsk]

Mike, is that the program that you run on a PDA with infrared capabilites, and it runs all possible codes?

Yeah... but Geesh... it takes six hours... Likely because if the replay was any quicker... the lock would simply miss it.

Buy batteries... lots of batteries... and perhaps a paperback book, as you you ain't getting any PortaHo Time!

[m2mike]

...But I would not assume because it is using IR it will be easy to defeat....

It is possible to run a OTP encryption over any transmission medium with a PRNG generated unlock code and sequentially updating seed which updates upon feedback from the lock to stay in sync with the key.

If so... you will NEVER break the algorithm by snooping the transmission. Man-in-the-middle would require you to reverse engineer the algorithm as well as determine the immediate seed and in case you can't figure it out on your own... replay attacks would NEVER be successful. But, they could be used to freeze up the lock for 30 seconds to mess with your attack attempts.

hzatorsk

Would you please elaborate on what OTP encryption is? What is PRNG? What devices are using the technology you speak of?

[Auto45]

They tool the lock off the market, not for sell anywhere. That lock did not last long

[m2mike]

hzatorsk,

I assume you mean a sequential rolling code that gets encrypted somehow. On some systems, any bits that "roll" seem to be random, but they are just encrypted. One such system is Keeloq, which in some implementations is not secure. I won't go into details, but DES (or other block ciphers) can be cracked with some implementations of Keeloq. Some of you may already know what I am talking about.

I would love to see an IR padlock with a secure implementation of rolling code security, but don't expect it soon as it is probably cost prohibitive by anyone who has considered making one. If you are going to go to all that trouble, then there are other design aspects that need to be taken into consideration. For example, don't make the case out of plastic!

[m2mike]

New locations for those files. Sorry for the long delay, guys. I have been busy. The old links are dead. This new link should get you the files in question.

http://m2mike.no-ip.org/

[Ray_Air]

Personally, I want to know were the "laser" comes in, just like in "laser" track keys. heh. I think a walkie talkie could probably open this lock as well. But thats just a thought.

If it is really a laser, then it would transmit in nanometers. Laser beams vary.

[Raccoon]

No Ray. Marketing teams consider Infrared diodes to be "Lasers". Technically, they are half correct, but only by associating two similar technologies as one.

LASER stands for "Light Amplification by Stimulated Emission of Radiation", but today's solid-state lasers (devices which produce a beam of coherent light) use very narrow-band LEDs rather than stimulated radiation (as through a ruby crystal or noble gasses). So, because Lasers can be LED driven, marketing teams consider even wide-band LEDs to be of Laser designation-- even though they are not because they're only marginally coherent.

Anyway. I'm glad this thread got dug up. I didn't even know this padlock existed, and I'm disappointed it doesn't anymore. I doubt it was discontinued due to the hacks, but perhaps some othere inherent flaw like battery life or premature failure. If it were only the hack, I'd really like to buy some. The odds that someone intercepts your infrared key are as good as someone walking by with bolt cutters.

[m2mike]

Just to clarify, when I was playing around with these infrared locks, they were already off of the market. I had to go to ebay back in August of 2005 just to get my hands on some to test with. So the "Laser locks" were gone from retail stores when this software came out.

The "EZ Padlock" is still out there and can be had from stores like Wal Mart. The security is horrible in both locks. Use these things as a novelty only.