Welcome! (What's all this TOSL stuff about...)

[NKT]

But you still need a secret key!

Biometrics has two major flaws.

The obvious one is the lack of a secret key - you leave DNA traces everywhere, your face is (literally) visible to everyone, you leave fingerprints everywhere, so unless you want to go for an invasive procedure, something unique, then you are leaving your keys everywhere. If the police want to get into a criminal figures house and it has a fingerprint lock on it, they can easily pull his prints and make a fake finger.

Likewise, the UK has the biggest (illegal, imo) DNA database in the world, by taking DNA from everyone they can and holding it forever. I can see a place in a few years where that, too, can be abused for gaining entry. Driving and passport places have a database linked photo of you, as does anyone with any real internet presence. And I feel sorry for the porn girls - they literally have no secrets to use for a biometric lock!

The bigger issue, of course, is the total lack of key revocation.

I steal your fingerprints and stick it on the internets, with your picture and name, and you are stuffed! Anyone in the world can pass themselves off as you. You have *no way* to revoke those keys. And will the bank trust you when you say you were never in Cancun on that Tuesday last month when you drew £1000 worth of USD out the ATM with your fingerprint as password?

So, biometrics is not the answer. (There's a third issue - I could add myself into your system, and walk into your house whenever, and you'd have no idea that anything was amiss unless you checked your logs carefully. And a fourth - you go get your hair cut and dyed, and your front door doesn't open because you look too different with a T-shirt on, rather than your previous dark, long hair and work shirt from your last entry. [An issue more for the girls] Fifth, what if you secure everything with your index finger, then get it caught in a pressbrake or folder (or skewer it with a pick!) while doing your job, and lose it? Industrial accidents happen, digits get mangled. And then neither you nor your colleagues can get in your house.)

A good cylinder or lever lock is also prone to being compromised, but you swap the (reasonably good) lock and you are then sure that you can slow even an entry professional, regardless of anything else. For that night, at least, you know your door is secured, with no trojan horse and no deviant keys.

[hydruh]

You know my problem with biometric doors?

You can't let someone else in.

I can't load my wife my keys to the office to pick something up. You can't leave a key with a neighbor. You can't secure one outside the portal.

There is something about a physical key that you can't get around. Even if you have a biometric system, there will have to be a key workaround in the case of a digital glitch. Unless you have NASAs programmers, you will have glitches.

So I second globallockytoo, I think that we need to be true hackers and devise a mechanical system that can only be opened with a correctly coded key. Maybe not a key in the traditional sense (ie maybe not key shaped) but a key nonetheless.

S

[TOWCH]

(And don't say "Use a PIC" or whatever, because that would be trivially switched, and interrogated, and replaced with the one great flaw that all electronics has - no sureness that there is no backdoor!)

Tempered glass/RFID tag embedded casting seals? Not cheap or DIY friendly, but I'm not entirely sure if cheap/DIY are consistent with perfection. I'm all for a good security value open source lock,(kinda like "Solitaire" to Encryption) and a perfect open source lock being seperate locks/projects.

I'm still partial to fiber optics as the method of interaction between lock and key. Isolate and secure the guts and a lock is much harder to compromise.

[globallockytoo]

You know my problem with biometric doors?

You can't let someone else in.

I can't load my wife my keys to the office to pick something up. You can't leave a key with a neighbor. You can't secure one outside the portal.

There is something about a physical key that you can't get around. Even if you have a biometric system, there will have to be a key workaround in the case of a digital glitch. Unless you have NASAs programmers, you will have glitches.

So I second globallockytoo, I think that we need to be true hackers and devise a mechanical system that can only be opened with a correctly coded key. Maybe not a key in the traditional sense (ie maybe not key shaped) but a key nonetheless.

S

I think you would be able to let someone else access....by including their biometric signature.

You are quite correct though....a mechanical back up mechanism is vital too....and herein lies the problem of a potentially unsecure back door.

[bluestar]

First let me say that this is a really great idea and surely a project that promises much fun. However, let me please contribute a few thoughts:

[...]I do believe that electronic security can be designed 100% secure. [...]

Maybe software security can be perfect (although I believe that would be the first non-trivial software product without flaws), but I don't think that helps much. The problems seldom arise from within, but at the interfaces of a system - and by using electronics, you add a bunch of interfaces which weren't important in mechanical locks. Just to name a few "nondestructive" or partly destructive attack vectors (that all have to be taken care of), electronic emanations, IR emanations, acoustic emanations (yes, no mistake ), timing attacks (active & passive), power consumption variations, high & low voltage attacks, UV attacks, microwave attacks, ... - and these are just the pure electronics. By coupling them with mechanics, you add a few attack vectors more - vibration, magnets, etc. (but to be fair, the mechanical coupling may be easier. But you still can make a lot of mistakes, take the various "low-tech hackable" (magnet) electronic cylinders from the past).

I think the electronics would make the funnier project, but mechanical lock design is more well-understood and also cheaper and more simple to manufacture [especially at home].

[mh]

by using electronics, you add a bunch of interfaces which weren't important in mechanical locks

You are absolutely right... The reason why I believe this could be handled properly (only) in an open source style project is simply the huge accumulation of knowledge that's already "out there"

The locksport community as well as the electronics & crypto hacking communities have a very deep insight into nearly all the design flaws that have already been made (and many that haven't been made),
and an open source style project can be placed into the hands of all these people to try their attacks on, with most of them willing to contribute their ideas to continuously improve the system.

To avoid most of the problems you mentioned, I thought that placing the electronics on the inside of the door in a metal housing with the only 'connection' to the outside being a radio frequency link - as well as using a motor without a ferromagnetic core - should help a lot.

I think the electronics would make the funnier project, but mechanical lock design is more well-understood and also cheaper and more simple to manufacture [especially at home].

Well, that depends on the particular design of the lock - if someone would contribute an original design idea for a secure mechanical lock, that would be simple to manufacture, and that still looks good when we designed a decoder for it - that would obviously be great!
Somehow I feel though that getting many contributors for a perfect mechanical design will be difficult - these type of ideas are typically the 'one huge idea' that a single mastermind comes up with, then gets a patent, then licenses it out to lock manufacturers. IMO electronics and software projects are easier to divide into smaller pieces that more people can work on in parallel and make many 'small' contributions to...

Cheers,
mh

[What]

While I am not entirely sure what you guys are going for, I feel I should chime in on some part of this.

Encryption techniques, both hardware and software based will always have flaws. These flaws will be the downfall of any fusion(electro-mechanical) lock that is created, especially if it is intended to be open source.

Anyways, just my $0.2

[TOWCH]

To avoid most of the problems you mentioned, I thought that placing the electronics on the inside of the door in a metal housing with the only 'connection' to the outside being a radio frequency link - as well as using a motor without a ferromagnetic core - should help a lot.

As far as DIY ghetto fabulous is concerned: A prepaid phone with the earpiece running to a DTMF decoder is pretty secure against everyone but the government/phone company employees.

Hook up the DTMF decoders to an automated OTP, and the government/phone company employee factor becomes less of a threat.

Just a thought on a cheap authentication system to build that doesn't require reinventing the wheel as far as secure channels of RF communication are concerned.

[adesw]

If you want a hack proof software try quantum cryptography. (or as hack proof as currently possible.

However thats almost cutting edge tech and beyond most people. (including myself) and is probably also to expensive. Is interesting stuff, worth a read.

[The Speed of Dark]

A lock that has a wire connected to an alarm that sounds after 10 seconds of the pins moving. If they are raised to the sheer line within 10 seconds it does not sound. This could be done with an existing High Security lock such as a Medeco, ASSA V10, or my favorite - Shchlage Everest Primus XP.

The Speed of Dark - Raising the sidebar since 1936

[NanoDuke]

If you want a hack proof software try quantum cryptography. (or as hack proof as currently possible.

However thats almost cutting edge tech and beyond most people. (including myself) and is probably also to expensive. Is interesting stuff, worth a read.

Quantum *anything* is still too theoretical to obtain. At the moment scientists are working with individual molecules.

A lock that has a wire connected to an alarm that sounds after 10 seconds of the pins moving. If they are raised to the sheer line within 10 seconds it does not sound. This could be done with an existing High Security lock such as a Medeco, ASSA V10, or my favorite - Shchlage Everest Primus XP.

The Speed of Dark - Raising the sidebar since 1936

That's a great idea, but you'd have to isolate the pins from each other. It'd be really hard to design the triggers for the alarm. Remember that all locks are electrically conducting.

[OWNERMAN]

unless you had some switch..

[motherboardlove]

I can help write the software for the lock. I suppose that we could use someone whom has experience in PCB design.

[orangesauce]

I've always wondered about the battery thing. What a pain.

Is there some way that a battery or capacitor could be charged by the twisting of the key? For instance a garden-variety high security cylinder that was mechanically disconnected from the bolt, connected to a geared generator or flywheel. So not just anyone could twist it in the first place, but then, once it was twisted and the electronics activated, the challenge-response electronics could activate between the key and the lock. Finally, if everything worked, the bolt would be activated with the remaining juice.

The "problem" with such a lock is it might require users to know that they had to turn the key hard and fast to spin up the gen set to get the juice necessary to get everything going. But if worked, there wouldn't have to be any kind of 20-year battery or the need to maintain a charge.

As far as crypto keys, there are some good USB drives on the market with strong crypto (Ironkey is a good example). I don't know if they would be well suited for an application like this, but might be good for a prototype.

$0.02....

[mh]

Is there some way that a battery or capacitor could be charged by the twisting of the key?

Or the insertion... See e.g. http://www.iloq.fi/