Slashdot Mirror

← Back to Stories (view on slashdot.org)

MIT Students Release Code To 3D-Print High Security Keys

Posted by samzenpus on from the +10%-lockpicking dept.

Sparrowvsrevolution writes "At the Def Con hacker conference Saturday, MIT students David Lawrence and Eric Van Albert released a piece of code that will allow anyone to create a 3D-printable software model of any Schlage Primus key, despite Schlage's attempts to prevent the duplication of the restricted keys. With just a flatbed scanner and their software tool, they were able to produce precise models of Primus keys that they uploaded to the 3D-printing services Shapeways and i.Materialise, who mailed them working copies of the keys in materials ranging from nylon to titanium. Primus high-security locks are used in government facilities, healthcare settings, and detention centers, and their keys are coded with two distinct sets of teeth, one on top and one on the side. That, along with a message that reads 'do not duplicate' printed on the top of every key, has made them difficult to copy by normal means. With Lawrence and Van Albert's software, anyone can now scan or take a long-distance photo of any Primus key and recreate it for as little as $5."

1 of 207 comments (clear)

  1. Re:How quaint by mlts · · Score: 5, Informative

    I have been at several places where the key card system goes toes up and will not allow anyone in. The controller on a lot of HID systems is an XP box, and computers can fail, locking everyone out.

    You have to have a high security mechanical override somehow. A lot of places use Best locks (which are 6-7 pins, have spool/mushroom tumblers, and unique keyways.) Others tend to go with Medeco3.

    If you want resistance to 3D printers, there are already three methods which work well. The first is what is on Mul-T-Locks and Abloy PROTEC2 locks, and that is an active pin on the side of the key.

    The second is a method like the Evva MCS, and having magnets embedded in the key. Duplicating this is a lot harder than just 3D printing a replacement, one would have to know where all eight magnets are facing and precisely align them. Not impossible, but not trivial.

    Finally, there is the "CLIQ" technology that is going through multiple revisions. This combines a high security mechanical key with an electronic chip and tiny rotating pin powered from a battery on the key. Since each cylinder keeps the authorized keys in memory, there is no one central point of failure. The CLIQ system has gotten better over the years since it was opened at a previous DEFCON. First it was a pin that would retract, but that was changed to a small disk that rotates to allow the key to turn.

    Nothing is perfect, but Assa-Abloy's CLIQ system is getting decently secure to be used as a backup cylinder with a card access system.