TOSL Project. A community project to "build a better mousetrap".
by vov35 » 20 Oct 2010 14:48
I'd consider optical communication for any digital system, as drilling a lens won't get you anywhere, and the mechanics could be kept a decent distance away. And then even if somebody were to come along with a 5 watt laser and destroy my sensor, the lock wouldn't fault open. Also it'd be really f'in bulky.
The BiLock isn't the first bump proof pin tumbler because it isn't a pin tumbler. And it's called a shear line, not a "sheerline".
-
vov35
-
- Posts: 229
- Joined: 29 Sep 2010 15:13
by globallockytoo » 20 Oct 2010 16:23
something like this perhaps?
One One was a race horse, one one won one race, one two was a racehorse, one two won one too.
Disclaimer: Do not pull tag off mattress. Not responsible for legal advice while laughing. Bilock - The Original True Bump Proof Pin Tumbler System!
-
globallockytoo
-
- Posts: 2269
- Joined: 26 Jul 2006 13:33
by jonwil » 20 Oct 2010 21:04
A solution to that problem is to go wireless like car keyfobs or garage door openers with no wires exposed to the outside for someone to attack. (off-the-shelf "open source" solutions for low-power wireless do exist). And if you design the key properly, you could have both wireless and USB and still be able to use the key for controlling other stuff (i.e. the PC or TV control idea I mentioned).
The electronics for the door opener could be kept away from the door with just wires running to the door and antenna.
The wireless keyfob would have an "unlock" button and a "lock" button. Pressing the button causes a message to be sent to the lock containing the serial number from the secure MCU in the key. Then the authentication proceeds as per my original idea. For controlling another device like a TV via USB, just plug it into the USB jack.
Still impossible to copy without destroying the original chip. And one system can (if you build the right bits) replace a door lock/deadbolt, home automation (control your air conditioner, lighting etc), computer parental control/time limits, TV/video game time limits or anything else you want to build a controller for.
How hard would an optical key be to copy? (especially one made by typical hackers using typical hacker tools?) How hard would it be to get the right materials for making the optical keys and locks (lasers etc)?
-
jonwil
-
- Posts: 26
- Joined: 3 Jun 2009 0:42
by globallockytoo » 21 Oct 2010 17:39
You seem to be putting a lot of faith in electronics. The reason that mechanical override is important is in case electronics fail.
Then having a secure mechanical system is vital and important.
If the battery dies in your fob or the electronic circuit fails in your non-mechanical keyed lock, are you going to destroy the door/lock to get in? Then what about the repair time/parts.
At least with automobiles, there is still the mechanical component that can still allow you access.
With Videx, if the battery is dead in the key, replace it. But if there is another communication problem, how can an authorised user gain access? You can't!
An open source like idea is excellent, although the physical mechanical back up component is just as vital and important.
-
globallockytoo
-
- Posts: 2269
- Joined: 26 Jul 2006 13:33
by vov35 » 21 Oct 2010 20:22
I microwave your RF antenna. System potentially faults open (just shorted every semiconductor). I'm sure you've seen garage door openers as well...
The concept of optical comms could be used with an Atmel or similar microcontroller with an IR LED and an IR phototransistor. This means that the lock and key would be similarly designed, but in different form factors and with slightly different code. Hell, you could set it up so that a master key can regulate key permissions. You could probably use a published encryption algorithm like AES, and the whole thing sensor/electronics thing could be kept a few feet away from the keyway by means of focusing/redirecting mirrors, making the thing more or less immune to drilling. Furthermore, the whole thing could easily be RF shielded. It'd be fairly simple to shield against light leakage as well, making intercepting a signal for decryption that much more difficult.
-
vov35
-
- Posts: 229
- Joined: 29 Sep 2010 15:13
by vov35 » 21 Oct 2010 20:38
vov35 wrote: the whole thing sensor/electronics thing could be kept a few feet away from the keyway by means of focusing/redirecting .
This is why I need an edit button. GRR. What I mean is that the sensor, electronics, and moving parts could be isolated from the "keyway" by focusing and redirecting with mirrors. This would give ridiculous drill resistance.
-
vov35
-
- Posts: 229
- Joined: 29 Sep 2010 15:13
by jonwil » 22 Oct 2010 0:33
Never thought of using IR but what you say makes sense, IR (with a 2-way pair of IR LEDs and IR receivers) would be the best solution. Could use IR with my idea of a "secure MCU" and could still retain the USB option for the other uses. Battery in the key fob runs out? Go and get it replaced (make the fob take AA or something that is available from 7-11s etc so that you can get it replaced easily) or contact someone else with a key and get them to come and let you in.
AES is not the right encryption algorithm though, there are better algorithms out there you could use. If the secure MCU you pick can handle SHA-256 or something similar, you could have the lock generate a random number and send it to the key. Key combines the random number plus a secret number stored in the secure MCU and hashes the result with SHA-256. Lock hashes the random number with the same secret number. If the results match, the lock is opened. If not, the lock won't open.
And you can't brute force it unless you sit there at the lock getting a new challenge, hashing it with the next secret number and sending the new hash to the lock and repeating it again and again until the lock opens.
For dealing with a power outage (including a burglar cutting the power) you could connect the box (which in an IR situation would be away from the door) to a UPS or backup battery, thus allowing entry.
Oh and another use for this system would be as control for a burglar alarm, inserting the key would turn on or off the alarm at the same time as locking or unlocking the door.
vov35, your point about cars having "mechanical backup" is wrong. Most new cars these days come with keyfob transmitters. If your keyfob doesn't send the right secret code to the engine computer, your car won't start. You then have no option but to get the battery replaced (if the fob is out of batteries) or get a new fob (if the fob is damaged/stolen/etc)
-
jonwil
-
- Posts: 26
- Joined: 3 Jun 2009 0:42
by mh » 22 Oct 2010 1:45
Every modern car has at least one mechanical lock to let the user in when one of the batteries fails. But car doors or their locks are not a good comparison, they are not designed to be secure, but to be safe in case of an accident, lightweight, and inexpensive.
Cheers mh
"The techs discovered that German locks were particularly difficult" - Robert Wallace, H. Keith Melton w. Henry R. Schlesinger, Spycraft: The secret history of the CIA's spytechs from communism to Al-Qaeda (New York: Dutton, 2008), p. 210
-
mh
- Moderator
-
- Posts: 2437
- Joined: 3 Mar 2006 4:32
- Location: Germany
-
by vov35 » 22 Oct 2010 11:35
jonwil wrote:Could use IR with my idea of a "secure MCU" and could still retain the USB option for the other uses.
While I like the concept I still feel that having exposed terminals, particularly the power terminals involved in USB would be a problem.
jonwil wrote:And you can't brute force it unless you sit there at the lock getting a new challenge, hashing it with the next secret number and sending the new hash to the lock and repeating it again and again until the lock opens.
Particularly if you add a time delay. And why not step it up to a higher bit count encryption? 256 is good, but even the weak processors proposed here could handle larger keys in a fraction of a second. Something like 1024 would proactively secure the lock against future attack.
jonwil wrote:vov35, your point about cars having "mechanical backup" is wrong. Most new cars these days come with keyfob transmitters. If your keyfob doesn't send the right secret code to the engine computer, your car won't start. You then have no option but to get the battery replaced (if the fob is out of batteries) or get a new fob (if the fob is damaged/stolen/etc)
I have a car with a Nissan keyless ignition. It has a key in the keyfob. Infiniti is the same. There you go, two(ish) car companies.
-
vov35
-
- Posts: 229
- Joined: 29 Sep 2010 15:13
by jonwil » 23 Oct 2010 23:08
vov35 wrote:While I like the concept I still feel that having exposed terminals, particularly the power terminals involved in USB would be a problem.
The key would have both IR for communicating with the door AND a USB port for communicating with say a computer for authentication. There would be no exposed USB port on the front door, just the IR. If there is an issue with the USB plug on the key being damaged, it can be protected with a protective cap (like what you get when you get a USB thumb drive).
vov35 wrote:Particularly if you add a time delay. And why not step it up to a higher bit count encryption? 256 is good, but even the weak processors proposed here could handle larger keys in a fraction of a second. Something like 1024 would proactively secure the lock against future attack
You clearly know nothing about encryption if you think that a one-way hash like SHA-256 is insecure. The very nature of a one-way hash means it's impossible to figure out the value originally used to create the hash. Even with an actual encryption algorithm like AES with 256 bits, it would take years of work on a high power supercomputer to brute-force the encryption key. Large key sizes like 1024 bits only matter if you are doing public key cryptography like RSA.
-
jonwil
-
- Posts: 26
- Joined: 3 Jun 2009 0:42
by vov35 » 24 Oct 2010 12:40
Or I considered that a public key crypto approach may be more efficient here if you want to have flexibility to add keys and consider the fact that it's still possible to intercept information flowing between key and door. 
-
vov35
-
- Posts: 229
- Joined: 29 Sep 2010 15:13
by jonwil » 24 Oct 2010 18:19
Even if you have a log of the complete conversation between key and lock, you still can't crack the one-way hash function used in the authentication.
Here is how the exchange would work:
1. Key is inserted into lock
2. Key sends unique serial number to lock, call that x
3. Lock generates a random challenge and sends it to the key, call that y
4. The key has a secret also known by the lock, call that z.
5. Both the key and the lock compute h = SHA-256(x || y || z)
6. The key sends h to the lock
7. If the value of h matches what the lock calculated, the door is opened
Because SHA-256 is a one way hash function, there is no math on earth that can recover z given just h, x and y. The only way is to brute force the answer by feeding the lock hash after hash until you hit the right value for z.
Public key crypto such as RSA is overkill for this application and is harder to implement on the kinds of small MCUs we are talking about than something like SHA-256.
-
jonwil
-
- Posts: 26
- Joined: 3 Jun 2009 0:42
by mh » 24 Oct 2010 23:16
jonwil wrote:Because SHA-256 is a one way hash function, there is no math on earth that can recover z given just h, x and y. The only way is to brute force the answer by feeding the lock hash after hash until you hit the right value for z.
That would be good, because the lock could have a time penalty for wrong tries. In reality however, you could run the hash function on fast computers (e.g. distributed), and try many z, until you find one that matches all the intercepted combinations of h, x, and y.
Cheers mh
-
mh
- Moderator
-
- Posts: 2437
- Joined: 3 Mar 2006 4:32
- Location: Germany
-
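The exchange jonwil lists above and mh's reply about intercepted h, x and y, as an added Python sketch that is not code from any poster or from the TOSL project. The `Lock` class, the 16-byte challenge, the sample serial and the deliberately short 16-bit secret are assumptions made for illustration; it shows that a recorded response fails against a fresh challenge, while a short z can be checked against one recorded transcript without the lock's time penalty ever applying.

```python
import hashlib
import hmac
import secrets

def response(serial, challenge, secret):
    """h = SHA-256(x || y || z); fields are fixed-length here, so the
    concatenation is unambiguous."""
    return hashlib.sha256(serial + challenge + secret).digest()

class Lock:  # hypothetical lock-side state, not from the thread
    def __init__(self, enrolled):
        self.enrolled = enrolled   # serial x -> shared secret z
        self.pending = {}          # serial x -> outstanding challenge y

    def challenge(self, serial):
        y = secrets.token_bytes(16)        # fresh random y for every attempt
        self.pending[serial] = y
        return y

    def verify(self, serial, h):
        y = self.pending.pop(serial, None) # each challenge is single-use
        z = self.enrolled.get(serial)
        if y is None or z is None:
            return False
        return hmac.compare_digest(h, response(serial, y, z))

def offline_search(serial, challenge, h, candidates):
    """Test candidate secrets against one recorded (x, y, h); the lock is
    never contacted, so its wrong-try delay does not slow this down."""
    for z in candidates:
        if hmac.compare_digest(response(serial, challenge, z), h):
            return z
    return None

def demo():
    x = b"KEY-0001"                        # constructed serial number
    weak_z = (4242).to_bytes(2, "big")     # constructed 16-bit secret
    lock = Lock({x: weak_z})
    y1 = lock.challenge(x)
    h1 = response(x, y1, weak_z)           # computed inside the key
    opened = lock.verify(x, h1)
    lock.challenge(x)                      # next attempt gets a new y
    replayed = lock.verify(x, h1)          # recorded h1 no longer matches
    space = (i.to_bytes(2, "big") for i in range(2 ** 16))
    recovered = offline_search(x, y1, h1, space)  # at most 65,536 hashes
    return opened, replayed, recovered == weak_z

if __name__ == "__main__":
    print(demo())
```

With z drawn from `secrets.token_bytes(32)` instead, the same search over any practical candidate list returns `None`, which is why the length of z, not the lock's retry delay, is what resists this kind of guessing.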
by jonwil » 25 Oct 2010 3:29
If z is long enough (say 256 bits at least if not longer), by the time you have brute-forced it (unless you have access to NSA level supercomputer power) whatever reason you wanted to enter whatever the locked door is protecting won't matter anymore.
I know of no distributed cracking effort that has successfully broken SHA-256 and even if it were possible, you would need to somehow convince someone with access to a distributed computing setup to actually run your cracking task.
If your lock is likely to be attacked by people who DO have NSA level supercomputer power or by someone with the patience to wait 3 years to get past your locked door, you have a lot more to worry about and no door lock in existence will help you (i.e. you need to hire some guys with badges to guard the door)
-
jonwil
-
- Posts: 26
- Joined: 3 Jun 2009 0:42
by vov35 » 25 Oct 2010 19:51
jonwil wrote:If your lock is likely to be attacked by people who DO have NSA level supercomputer power or by someone with the patience to wait 3 years to get past your locked door, you have a lot more to worry about and no door lock in existence will help you (i.e. you need to hire some guys with badges to guard the door)
I think keeping the NSA out should be a valid goal. so, estimates are that computers will get 32x faster in the coming years (based on die size and its limitations), now it's a little over a month to crack. wat do. bigger key. Or start with a bigger key in the first place.... But you're right, I'm no cryptographer, I just don't like it when people come across as a _. "YOU DON'T KNOW ANYTHING" hurr.
-
vov35
-
- Posts: 229
- Joined: 29 Sep 2010 15:13