scary new lock design

[unlisted]

[edit- moved this here for sevedus - they posted this slightly off topic in another thread - unlisted]

We've been pondering the key replacement issue since day one and have not yet decided how to deal with it. What we're leaning towards is providing the end user with an encypted description of the key which only when de-crypted reveals the pattern. We will not be keeping records of the patterns used in specific locks. When the customer needs another key or more locks keyed the same as one they have they'll have to send the key-code to us rather than the key. Only the customer will possesss the pattern data and that in encrypted form.

[edit- moved this here for sevedus - they posted this slightly off topic in another thread - unlisted]

[sevedus]

Re: Mastering capabilities

I guess I'm responding to an e'mail question for I cannot find the reference in the thread. I applogize for not having made it more explicit when I rehearsed the pin-cam interactions.
Recall that there is no +/-tolerence with regard to the sequence. Dimensional tolerences only come into play in determining the fundamental functionality. If the dimensions are within limits the lock functions. The sequence is virtually digital and therefore admits of no errors. This means that changing only one permutation of the cam (or the key) will cause it to drop the sequence.
This means that an immense heirarchy of masters can be generated by hand from any one sequence. Only two permutation substitutions are required to populate mastered sets of one hundred members. Only three or four such subsitutions are required to populate a set of a thousand members. None of the individual keys differs greatly, but only one deviation from seqeunce breaks the path. This hopefully avoids the circumstance, which I've understood to be problematic of mastered sets, of a passkey that is "almost" alike being able to open more than its' intended locks.
sevedus

[greyman]

Interesting thread, not least from the initial responses. After a very quick read, I'm looking forward to some more detail on this concept. Any pictures around?

[greyman]

Sorry for my last post. I should've googled first! The design does look a bit "Ving-card-ish".

[sevedus]

All of the animations on our site speak to adaptation of the idea to P&T locks. We visited those design concepts briefly and found them all very deficient. We posted those because one of our TOOOL NL advisors (Han F.) though it would be a good idea to rehearse the history and evolution of design through the market ready item.
Please don't flog yourselves further dissecting the limitations of the designs shown. We are well aware of them. Rather, cast your critical eyes, please, on the final embodiment disclosed in the patent application. This embodiment functions in a digital rather than analogue fashion, thus removing most limitations to volume manufacturing because the bit lands of the key and the permutations of the cam are assembled rather than machined from solid blanks. We EDM a spot-faced area and laser weld the bit or permutation to the key or cam.
Several remarks have addressed concerns to wear of the internal components. All of the tribologic surfaces are set at sliding rather than locking angles, so the bit lands of the key have an included angle of 91 degrees with a tiny "dwell" on the radius of the bit land. The outboard pin end is tapered at an 89 degree angle with similar "dwell radius" which is calculated to allow .012-.015 thousandths inches of key insertion travel while engaged with the "current" pin causing it to displace only +/-.002 inches. This "dwell" gives the "previous" pin clearance to retract and the "next" pin clearance to advance, while the "current" pin holds the cam in place. The inner end of the pin has only a 60 degree included angle so as it enters the permutation surface and displaces the cam, there is mechanical advantage.
The components are of 316 and 440 stainless steel with a “Cold-Nitriding” process which penetrates only a few thousandths of an inch, applied to the pin ends. This results in a case hardness of 68-70 (Rockwell C), with no degradation of surface finish. Contact loads are 10-25 grams. Based on other wear studies of sliding components we expect life expectancy to be in the range of 5-10M operations for the bit-land, permutations, and pins. We anticipate someone approaching one of these locks with an electric vibratory device, relying on chaos theory to provide a “monkeys-typing-Shakespeare” solution to the sequence. When that person wearies of the attempt many thousands of pin-displacements will have occurred without encroaching on the devices’ life-expectancy.
Incidentally, a design review of experts, which it was implied in early postings we were trying to obtain surreptitiously, was conducted in Sneek NL at the Dutch Open in 2007. We presented the patent in its’ entirety and the proof of concept adaptation piece for the review of fifty members of TOOOL and Locksport. They, along with Peter Field (head of R & D, Medeco Locks) demonstrated the open-handed generosity of which you speak in sharing their knowledge of bypass and manipulation with us. They did this knowing that we would take that information home and use it in developing extensive criteria for the lock by which we would render each bypass null. This is one of the principle reasons for the delay in getting from that original proof-of-concept to execution of the highest embodiment.

When Eric D. (KeeferO) made the original post in search of “buzz”, what he’d been asked to discover specifically was high end practitioners of the art who might be interested in receiving pre-production examples (PPAP) of the lock for evaluation. I was a bit surprised (not too much on reflection) to be greeted by people who’d been at Sneek, waiting to see how we’d answered their specific vulnerability concerns.
Someone mentioned a wish to see a forum for an “open-source” lock design, analogous to the “Linux” system. While I approve of collaborative designs, especially when the subject matter is of wide relevance, I can only see that effort working well for abstractions per se, such as software, where someone shares an idea rather than a created object. When I was at Sneek NL I had the impression that the generous sharing of knowledge was rather in aide of that open-source concept. I felt that there was recognition on the part of the attendees that the design we’d presented was indeed important evolutionary work and that they were sharing in an effort to help ensure that the final designs were as free of vulnerabilities as possible.
For people who can open a 3D AUTOCAD file and want to look closer at what we're doing (and can accept large files as attachments), I'll be glad to send you unclassified 3Ds. I'm attaching an unclassified rendition for immediate clarification. In the image at hand the light blue pin is supported in a dark blue cylindrical magnet, the red inner ends of the pins are in proximity to the yellow permutation surfaces on the beige cam. The cam sequence shown is 1,2,3,4,5,6,7,8 etc. Pin #8 is fully engaged, pin #1 is “next”.

pinperm1.JPG

Proper rotation of the cam is obtained when one and only one pin is displaced fully; and then when the one “next” pin is gradually displaced simultaneously with the recovery of the “current” pin to the zero position. If more than one pin is displaced the interaction of multiple pins with multiple permutation surfaces reduces the net vector of the cam while redirecting it from the true sequence path, and the amount by which the pins may be displaced is reduced. As more and more pins are simultaneously displaced the net vector is further reduced and the more the direction of the vector strays from the true sequence path. At the ultimate extension, all of the pins are simultaneously displaced, but only by a fraction of the full travel, the net vector of the cam approaches zero and is random in direction. Motion of the cam along the sequence path is obtainable only by operating the pins one at a time, each three degree increment of cam motion results from the releasing the “current” pin while the “next” one is displaced.
The cam is capable of and undergoes compound motion for normal operation. The cam shifts axially as well as rotating. The force of the cam biasing springs is several times smaller than the force required to displace the pins. The red pin-head is magnetic and so the force of attraction between the pin-head and the magnet is maximum at zero pin displacement and minimal at full displacement, (the exact opposite of a spring force profile). When a pin is displaced out of sequence it will generally (statistically) engage the outside diameter of a permutation surface rather than the inside diameter (as the proper pin does). Contact by the pin with the I.D. of the permutation constrains the cam motion to that which is desired, while contact with O.D. permits unconstrained axial motion as well as a very limited amount of retrograde rotation. The cam is able to “rewind” fully to zero in both axis only when there are no pins displaced, i.e., when the key is removed.
Note the presence of three (green) “dummy” permutations, which exist only to limit the travel of out-of-sequence pins prior to dysfunctional engagement. That the dummy permutations seem to share space with the sequence permutations is permitted because the interference is EDM’d away for the assembly placement and welding of the overlapping permutation. When the pins are displaced in the correct sequence by the bit lands of the key, as they pass during the keys’ insertion, the cam both rolls and traverses to the unlatch position. What happens next is still classified but we should be able to publish the details soon.
Readers…..Thank you all for your continued interest, cogent remarks, and offers to evaluate.


Stephen (sevedus) Maples


[note: this poster PM'ed me asking for permission to post info about this, and website- unlisted]

[mh]

Thanks, Stephen, it's really nice to see interesting pictures of new concepts

When I look at the image you included above - and imagine to hold pin 8 firmly in place, and imagine to test the travel of the other pins - I believe that pin 1 will move a certain well-defined amount and then stop. That should be the same with pin 7, and it should be different with all other pins.
I remember however, that I my last pin was pin 7, so I should try pin 1 next?

Cheers,
mh

[sevedus]

mh is quite correct.

There is symmetry in the “pre-travel” of the pins prior to contact with a permutation surface. It is to minimize the differential between the free-travel of the “next” pin and those that are “not next” that there are dummy permutations in each octave. The critical issue is what you are willing to call “well-defined” in terms of displacement steps. The current differential resolves to 0.003 inches typically. Also consider the scale. The pin-head (red) is 0.050 inches O.D. The pins are on 0.075 inch centers. There is approximately 0.4 inches of pre-travel from the mouth of the keyway to the pin array, accessible through a 0.031 x 0.062 inch aperture. This is partly why I’m so skeptical of a free-hand pick. It’s possible to scale down further if needed to get below manual detection limits, but imagine the conversations that I’m having with component vendors right now… we shall see.

My concept of a decoder (early musings) invokes a set of wedge-shaped probes having very shallow angles so that a long stroke of the probe is required to make the full pin displacement (0.029 inches). The probes would incorporate electrical position and pressure sensing and be electrically actuated, preferably using some “palm-electronics” to interpret the pressure and position signals and drive the actuators. In my concept the decoder works backward and presumes that the lock itself cannot be decoded at all, relying instead on sequence data, which by itself cannot open the lock but rather describes to the device the sequence which will do so. The customer has the key code. It’s encrypted on a card that came with the lock. It is the only record of the sequence and the customer would need to send that card to the factory for duplication of keys or additional locks keyed the same (either). The card goes in the device which decrypts the sequence and then operates the probes to emulate the action of the key. The objective of this is that the lock should be opened once, in the absence of the key, and the sequence remain covert. How we go about deciding to whom such devices are distributed remains another thorny Q. Note that for this scheme to work the customer, who’s just lost the key somehow, has managed to retain possession of the code card. It’s marginally better than notifying the alarm monitoring company and cutting out a glazing. Either way they get in but don’t get a “replacement” key on the spot.

What I’d like best is if the customer knows and trusts a locksmith sufficiently to store a spare key in that persons key vault. Then when the lockout occurs the locksmith brings the key. (Is this “key-storage” a part of anyone’s practice, and if so how is it working?) The real security problem here is that you cannot lock without the key so a lockout necessarily means a lost or misplaced key. Unless the key is known to have been lost in an irretrievable fashion i.e., dropped into the refractory crucible, Marianas Trench, etc., it is spurious security to replace the key and not re-key the lock. You can replace the cams in the field and yes, it does involve a full teardown. I think that this would be a “best procedure” for “lost key” events no matter whose lock is involved. If a key is simply MIA (as opposed to being irretrievably lost), then key control has failed and there is no guarantee that the missing key is not in hostile hands. Simply replacing it would substitute an assumption for actual security.

Readers…. Thank you so much for engaging in this discussion both here and offline. It’s precisely why we came.


Stephen

[mh]

I believe your idea of wedge-shaped probes having very shallow angles would be appropriate, I don't think that they would necessarily have to involve electronics.
The concept that I can have one pin firmly in place and then use the other pins to get a (limited) map of the surroundings seems to have some potential for decoding.
The false or "dummy" permutations as you call them could of course be used to create additional paths that in theory stop somewhere in the middle and don't allow for the 90 degree turn of the cam, but I don't see how you could prevent 'correct path recovery'.

Ideas to consider might be
- random irregular non-symmetrical shapes of the red pin heads (might make decoding the displacements / 'getting the map' more difficult)
- triggering something when the "dummy" permutations are engaged

Cheers
mh

[sevedus]

mh is quite right.

Getting back on the sequential path requires detecting the “next” pin. Earlier I mentioned, “The outboard pin end is tapered at an 89 degree angle with similar "dwell radius" which is calculated to allow .012-.015 thousandths inches of key insertion travel while engaged with the "current" pin causing it to displace only +/-.002 inches. This "dwell" gives the "previous" pin clearance to retract and the "next" pin clearance to advance, while the "current" pin holds the cam in place.” This pre-travel allows the bit lands to vary in how far they protrude from the cam centerline by the .012-.015 inches, randomly. In this image the pin pre-travel is called out, showing symmetry in the absence of “dummy permutations” and with the permutations protruding equal distances. The reason for the imperfect symmetry in that the “current” pin doesn’t actually “bottom out” in the permutation. It holds off slightly, so the biasing springs pull off-center slightly, and that translates into a slight asymmetry.



The “previous” pin is at .0062, the “next” pin is at .0073, the pin at .0266 has stroked out, the “current” pin holds at .0255. I’ll grant that without dummies present the .0266 is a no-brainer, and presumably the current pin and previous pin are both known. Superimpose on these pre-travels a random variation in protrusion of the permutation heights of -0.0 through -0.015 inches. I think you’d be guessing which pin out of five to hold next.

[mh]

The next pin should be one that, when it engages with the cam, doesn't let the cam rewind. That would mean I actually found the inside of one "permutation".
It should also be one that turns the cam further and not backwards. To test that, I might move the tested pin in as far as possible while holding the previous pin firmly in place. If I then release the previous pin, and the new pin is the correct one, nothing will happen. If the new pin is not the correct one, a) the cam might rewind a little bit (audible?) and b) maybe the previous pin does not go into the previous "permutation" anymore?

Cheers,
mh

[sevedus]

mh is correct (again, as always…)

But not entirely correct and the erroneous suggestion that he raises has introduced a variable that I’d not considered but which I believe will satisfy the case. Angular velocity of the cam....

mh said, If the new pin is not the correct one, a) the cam might rewind a little bit (audible?) and b) maybe the previous pin does not go into the previous "permutation" anymore?

Consider what happens if I change the “pitch-spacing” of the permutations of the cam from the current one having 50% overlap down to 10%, and do so in the middle of the sequence. The first octave retains the 50% overlap, employing staggered pre-travels and dummy permutations to disguise the sequence. The second and third octaves are spaced further apart angularly. When the overlap drops to 10% the radius on the “next” pin will be on the outside of the permutation wall, rather than inside it, if the pin manipulations are performed at zero angular velocity. Unless the manipulations are performed quickly enough to maintain the angular velocity of the cam, even the correct sequence of pin displacements will fail and drop the sequence.

All of this devolves from mh’s statement/question, b) maybe the previous pin does not go into the previous "permutation" anymore? the answer to which is that when made with the 50% overlap and symmetrical bit lands on the key, even using staggered permutation protrusions, the cam is “handed-off” from one permutation to the next with 100% certainty. This is true of the cam’s forward rotation as well, but this truth applies only when the large overlap is present. Take that overlap away and when executed at zero velocity, even the correct sequence fails. The cam then rewinds fully if there are no pins displaced and less than four degrees if the “wrong” next pin is held. Conveniently the velocity is both maintained and limited by each pin displacement event, so a wide range of angular velocities will be functional. How “handy” it is insert the key “properly” is open to argument but I would submit that few keys are “normally” inserted in quantum steps recognizable to the user.

My (currently uncalculated) belief is that the “over-speed” would be self regulating until it approached 110% overlap. At that velocity the “next” pin would engage the “next” permutation surface on the outside diameter. This puts the correct pin pushing against the correct permutation but on the opposite outside surface from intended one inside. Essentially the sequence would be one whole angular step ahead of the 100% controlled one obtained when the pins engage the I.D. If the alignment is good enough I suppose the cam could continue to be driven in rotation, but as soon as the axial traverse occurs the cams will just roll off the pins sideways.

So I have lovely weekend ahead of myself here, calculating this potential “ace-of-trump” variable. Hmm.. 3.8 gm mass, 0.365 inch diameter…. story problems… applied physics…. This could be either a migraine or an erection. More next week. Thanks again for all the analysis and feedback.

Stephen

[mh]

I think your inertia idea is quite interesting. And difficult to implement, let's see what you come up with.

I believe the idea I mentioned before about the non-symmetry introduced by the cam rewinding spring is not too erroneous, though. Just don't think about an ideal correct key moving the cam, but about someone who pushes a pin in just enough so that the cam does not rewind. It will behave differently depending on which side the pins contacts the Inner Diameter.

[sevedus]

Well, I'm thinking about the same degree of difficulty as making certain components in spring-driven clock-works function properly.

VelocityPerms2.JPG

The sequence divides into two stages in which first a non-enveloping permutation on the cam reacts to the pin displacement only with rotation (if a proper pin) or only with axial traverse (if improper). At the end of the rotation sequence the hollow (enveloping) permutations are employed to induce the axial traverse while holding against the rotational re-wind spring.
It's not clear yet whether we need to fill the adjacent spaces to the correct permutations with axial-directing ones, (as is shown in the first pin selection opportunity), all the way up the sequence. I suspect that if we do not fully populate the cam with decoy permutations, someone will offer to "find the next pin" by partially displacing and holding one pin while rapidly displacing another fully, in the hope that the partly displaced pin will rebound from the "next" permutation, thus revealing the sequence. In order for that key-bypass scenerio to work the pin, which is fully and rapidly displaced, must be the correct one. If all the non-sequence positions are filled with dis-functional permutations, every pin will respond to the test by revealing contact with a permutation at the same point but only one of those permutations will provide sequence advance.


I need to say this to the readers with every post... Thank you for the generous, copious and high utility feedback, here and elsewhere.

Stephen Maples

[sevedus]

Here's the fully populated array. And it makes for a busy assembly station but... all attempts to probe now produce identical results, none of which functions. To be functional the probing events must be executed in under 0.019msec/ea.

VelocityPerms3.jpeg

[mh]

Difficult to believe that it works like clockwork... But if it does... Quite cool