The new Master Lock Speed Dial

[prevariikation]

Thank you for both the visualizer and releasing the source code! I'd previously downloaded the standalone Flash player/debugger just to be able to run it.

This lock is so compelling.. Blank_Reg, I'm loving your cutaways and tried out the four-move bruteforcing sheet for my lock with unknown combination. No luck, unfortunately, but I really appreciate the certainty that the correct sequence has more than four moves!

[Blank_Reg]

You are welcome prevariikation.

AFter buying about a dozen of these (lol), I have noticed that factory codes never have more than 2 consecutive directions in their sequence ( UURU can be one, but UUUR cannot) so I have re-computed my brute force sheet to exclude these suspected "unused" input sequences. Now it only takes about 1:45 to get through 50% of the keyspace.

If someone has their factory codes can they check that there are no 3-direction runs? and tell me if my hunch is wrong?

I am still obsessed with this lock and I have made better cutaways with color coding on the actuator wheels and the gate wheels.

I am working on a visualizer cloning Mh's using SVG with embedded java script.

I am convinced that a hybrid approach of Mh's decode method and computer search can decode this lock without tools. My idea now is to detect the top gate by dragging the hammer while giving input. You indeed can feel and hear the gate. Count how many strokes and where the click happened and the top gate is solved. (1/4th of the state space is then eliminated)

Once the top gate is known, we can use simulation to know how to place the hammer in the gate, and then try to detect bottom gates. Once we have a one (maybe not even if the specific wheel is known) we can generate a brute force with the computer. Because of the last stroke (-1,0,+1) relationship I think just knowing 2 wheels will make the state space very very small, the math about this is beyond me though

Thoughts?

I am about to have a week off work so hopefully I can make more progress.


Another thing, my Knollan saly dance outdoor locks have come. They are clearly not made in the same factory as the masters. AND THEY HAVE FALSE GATES COOOOOOOL!

[prevariikation]

I am working on a visualizer cloning Mh's using SVG with embedded java script.

I am convinced that a hybrid approach of Mh's decode method and computer search can decode this lock without tools. My idea now is to detect the top gate by dragging the hammer while giving input. You indeed can feel and hear the gate. Count how many strokes and where the click happened and the top gate is solved. (1/4th of the state space is then eliminated)

Once the top gate is known, we can use simulation to know how to place the hammer in the gate, and then try to detect bottom gates. Once we have a one (maybe not even if the specific wheel is known) we can generate a brute force with the computer. Because of the last stroke (-1,0,+1) relationship I think just knowing 2 wheels will make the state space very very small, the math about this is beyond me though

Thoughts?

Wow! It seems like we've been thinking similarly. I started adapting MH's visualizer too (for HTML5 using <canvas>, only maybe 30% done.)

On the Master version, it seems like the top wheel will almost always bind first, since it's the point of contact for the opening force. I think I've found a "static"-ish way to decode it, but haven't practiced on a lock with unknown combination yet.

1. Reset.
2. Moving the dials in an LRU pattern rotates the top wheel clockwise each time, in the smallest increment.
3. After each move in the LRU pattern, move downward, but hold the button at the bottom and then do the following.

a. Apply light-to-moderate tension on the shackle, enough to bind (ideally) just the first wheel.

b. Release the button, noting whether the button sticks or slides freely back to the center.

c. If the button slides freely, then the first wheel is still binding and not in a gate.

d. If the button sticks (under appropriate tension,) it means that another wheel is now bound, and the fence is in a gate.

e. On the Master version I have, the tolerances seem to allow the fence to move into the gate in two positions — the correct position, and the one immediately before. So as you go around, when there are two consecutive positions that stick, the second position should be the location of the true gate.

And then, as you said, trying to do the math to allow decoding of another wheel in a similar manner, but uh — lookup table time?

Another thing, my Knollan saly dance outdoor locks have come. They are clearly not made in the same factory as the masters. AND THEY HAVE FALSE GATES COOOOOOOL!

Super cool! Are the internals metal on those? Adding false gates is a formidable challenge.. how many do they add?

[Blank_Reg]

We should collaborate on a new visualizer.

Somewhat related to your point e: I noticed the "off by one" thing (set it to UURU and then enter UUU for example gets 3 gates aligned and 1 off by one) which can open the lock but sometimes you have to pull really hard or jiggle a bit. The fence is in the position before the gate and can work its way in like you say.

Re: the knollan.

I honestly don't know what makes it "outdoor". The internals are the same kind of plastic as the master it seems but grey instead of white. It has some lubricant "gunk" inside that seems different from the gunk in the masters.

I want to go on and on about the differences, and post pictures. so maybe ill make a new thread.

The false gates are the same on every wheel and equally spaced. there are 2 false gates on each wheel.

I'll try your gate detection method on the masters and on the knollans.

[prevariikation]

I want to go on and on about the differences, and post pictures. so maybe ill make a new thread.

I would be very interested to see that!

The false gates are the same on every wheel and equally spaced. there are 2 false gates on each wheel.

Makes sense! Preserving symmetry. So each wheel has gates at [x, -1], [y, 0] and [z, +1], and I would think that using the knowledge of the last stroke (-1, 0, +1) could still reduce the keyspace even if we can't discern a false from true gate.

[Blank_Reg]

I made a vid of me experimenting with the L(D)R(D)U(D) method and my dragging method on the masters and knollan.

https://www.youtube.com/watch?v=S2UPc3TWh7Q

[Squelchtone]

I think Masterlock speed dial can now be considered insecure!

Here is a complete decoding technique, a hybrid of gate detection and computer brute force. I could not have done it without mh's research and the LRU technique suggested by prevariikation.

Mh has already succesfully decoded this lock as described in http://frenchkey.fr/autopsies/MhPadlock ... l_V1.0.pdf but this method requires no tools and seems faster.

heres a video of me scrambling poor locky's brain and then decoding it. (im posting this before its done uploading)


https://youtu.be/DUbgZEZns1g


https://youtu.be/kP7kSTbA0SM



Ill post my code and a better video eventaully but I want to post here first!

Knollans looking pretty good right now. Master needs to add false gates.

[prevariikation]

So cool! I keep accidentally setting my lock to invalid states and so I haven't had a working run of your method yet.

To celebrate Blank_Reg's successful decoding, there's an HTML5 adaptation of mh's Visualizer uploaded and working at a basic level. Probably lots of bugs, performance is slow, needs a Git repository, etc. but at least the code's available

[Blank_Reg]

WOOHOO coooooool!


re: decoding, I have done it successfully about 4 times now on unknown combinations. I have the most problem when the right gate is sitting at a -1 slot. I have updated the pdf link to include the brute force lists.

Also I am cleaning up my code and sticking it on my github.

https://github.com/david-miller/speeddial_research

[Blank_Reg]

So, I;ve been timing myself decoding 3 different speed dials and setting them to completely random (very very long input) sequences.

Here's the times so far.
7m 30s
12m
1 hr
15m
20m
and infinity because I haven't decoded one after messing with it for an hour haha.

[prevariikation]

[...] and infinity because I haven't decoded one after messing with it for an hour haha.

I may have messed up my cutaway slightly , because my inputs and the actual state tend to diverge after seven moves or so. I did have a successful decode of my factory set lock with your method though!

I also uploaded a locker unlocker companion tool to help automate the process for me (with the usual code quality caveats.)

[Blank_Reg]

yes! I've noticed the divergence too. I limit the max run from reset in my code because of it.

Sorry have not posted lately because I got a new job, but I am still on team speed dial So cool yes we need some interactive web based helpers to where a middle schooler can decode this lock!!!

Addendum to my infinite lock decoding time. I decoded it but only after a brute force knowing the top gate and right gate sub n number (through cheating by watching a video of the last move).... but I found out that this lock is binding on the left and right wheel almost equally after the top is gated, totally wrecking my method. Out of about 6 locks I have seriously handled this is the only one ive found that binds on left+right wheels like this.

I am thinking that now we need to solve matrixes of equations lol.

[prevariikation]

Put the visualizer code on Github finally!

Slow going on new analysis, but I'm working on a process to manually generate moves that will match a given state of the disks (a preimage attack, basically.) This won't really help with decoding right away, but just as a curiosity I love it.

[prevariikation]

I added new features to the visualizer: you can store/restore a position, and there's a secret menu option </> to display your inputted moves verbatim, in addition to the normal display which shows the shortest sequence from reset to the current position.

On Blank_Reg's YouTube, somebody had a question that got me wondering:

Hey, I managed to lock this onto a truck bolt but there isn't enough clearance to "clear" the lock so even though I know the password, I'm not able to open it. Do you know if there's a work around to resetting this? [link]

I don't have an answer to their question, but started wondering if there was a way to undo a move without resetting. And it turns out, kinda! Wacky math notation ahead.

It's known that repeating the last move 5 times will bring you back to the same position: i.e., LUD ≡ LUD(DDDDD) ≡ LUD(D^5). Strangely, it seems like any sequence ⋯DCBA can be looped not only by A^5, but also (BA)^5, (CBA)^5, (DCBA)^5, et cetera. So LUD ≡ LUD(UD)^5 ≡ LUD(LUD^5) as well.

Where this gets interesting is that often, when repeating trailing subsequences 5 times, the shortest move sequence reflects that we have effectively undone the later moves! A dramatic example is RUUDLLL(RUUDLLL)^4(R) ≡ R, where the beginning of the fifth repetition returns to the same state as the first move in the sequence, allowing us to "undo" all but the first move.

It seems like on the fifth repetition of a full sequence, the states sync up at the 2nd move, at the latest. For example, while ULLLURDL(ULLLURDL)^4(UL) ≡ UL, turns out that ULLLURDL(ULLLURDL)^4(U) ≢ U.

Another strange observation is that (A^1)B(A^m) ≡ (A^p)B(A^q), for all p, q where (p+q) = (m+1). Most bafflingly, this applies not just to individual moves, but when A and B are entire sequences! So the sequence RRRR(UU)R ≡ RRR(UU)RR ≡ R(UU)RRRR, and LLL(UDD)L ≡ L(UDD)LLL, etc. I'm hoping that this shuffling action could be used to normalize sequences in an enlightening way

..this was a lot of words. Curious if anyone else has noticed these, or in particular, if these seem straightforward to you! My intuition is not so developed

[mh]

Very interesting!

I think the last observation is at least not counterintuitive: Each move adds to the rotation of 3 disks, and “normal” addition is commutative. With the lock’s disk configuration, there are limits, specifically because the last move sets the “fractional” part of 3 disks, and the previous move may do that for the 4th disk (or earlier moves if the last moves all point away from that disk).

Cheers
mh