Slashdot Mirror


MIT Students Release Code To 3D-Print High Security Keys

Sparrowvsrevolution writes "At the Def Con hacker conference Saturday, MIT students David Lawrence and Eric Van Albert released a piece of code that will allow anyone to create a 3D-printable software model of any Schlage Primus key, despite Schlage's attempts to prevent the duplication of the restricted keys. With just a flatbed scanner and their software tool, they were able to produce precise models of Primus keys that they uploaded to the 3D-printing services Shapeways and i.Materialise, who mailed them working copies of the keys in materials ranging from nylon to titanium. Primus high-security locks are used in government facilities, healthcare settings, and detention centers, and their keys are coded with two distinct sets of teeth, one on top and one on the side. That, along with a message that reads 'do not duplicate' printed on the top of every key, has made them difficult to copy by normal means. With Lawrence and Van Albert's software, anyone can now scan or take a long-distance photo of any Primus key and recreate it for as little as $5."

45 of 207 comments

  1. "Do Not Duplicate" by DexterIsADog · · Score: 5, Interesting

    Really? That makes them difficult to duplicate? On which planet?

    1. Re:"Do Not Duplicate" by DexterIsADog · · Score: 5, Interesting

      You have to be kidding - I have duplicated dozens of keys with that admonition on it. Not a single refusal from locksmiths, Home Depot staff, etc.

      lol, how did you get modded insightful for something patently untrue?

    2. Re:"Do Not Duplicate" by Jah-Wren+Ryel · · Score: 3, Interesting

      on the planet where folks that have a key "grinder" tend to also be the folks that would obey said instruction

      That happens to be the same planet where you can just put a little piece of tape over the DND message, maybe write something on the tape so it looks like a label, and then nobody is the wiser.

      Or just go to a place like yelp to find locksmiths that don't care.

      --
      When information is power, privacy is freedom.
    3. Re:"Do Not Duplicate" by mcmonkey · · Score: 4, Funny

      on the planet where folks that have a key "grinder" tend to also be the folks that would obey said instruction

      And which planet is that? It certainly isn't Earth.

      In my college days we'd make copies of the dorm keys for friends who lived off campus, so we wouldn't have to go down to let them in the front door of the dorm.

      Not only did those keys have the imprint "do not duplicate," but the copies we got back would have the same message!

    4. Re: "Do Not Duplicate" by Anonymous Coward · · Score: 3, Funny

      How dare the copies include "Do Not Duplicate", when the original clearly stated that the words must not be duplicated!

    5. Re:"Do Not Duplicate" by egcagrac0 · · Score: 2

      The Primus keys are what's known as a "patented keyway".

      The general idea is that Schlage is the only company that's (supposed) to be allowed to sell the blanks, and they only sell them to locksmiths that agree to play by their rules (like promising only to make dupes for authorized people).

      The duplication of these keys is not newly possible - but it's a new simplification.

    6. Re:"Do Not Duplicate" by cjpa · · Score: 2

      I'm waiting for the day someone prints bitcoins.

    7. Re:"Do Not Duplicate" by Goghit · · Score: 3, Funny

      Piece of masking tape over the "Do Not Duplicate" stamp, and write "Rm 103" on the tape. Social engineering ain't just for bank cards.

    8. Re:"Do Not Duplicate" by minstrelmike · · Score: 2

      Or you could answer the ad on a matchbook and become a locksmith.

  2. How quaint by msobkow · · Score: 5, Insightful

    I'd hardly call any industry that uses a physical key "high security" in an age of individually-revokable key card technologies.

    How secure can a facility be when the loss of one key means that everyone's keys have to be replaced in order to recode the lock?

    --
    I do not fail; I succeed at finding out what does not work.
    1. Re:How quaint by fuzzyfuzzyfungus · · Score: 2

      You just tell everybody who has to come in for a key replacement who it was who lost their key, then turn your back and whistle innocently. Cuts the loss rate significantly.

    2. Re:How quaint by Anonymous Coward · · Score: 5, Insightful

      Thus ensuring that people who lose keys wait as long as possible before reporting it, in order to avoid retribution. Now you've lowered your loss rate *and* your security at the same time. :)

    3. Re:How quaint by fuzzyfuzzyfungus · · Score: 3, Insightful

      Exactly! People love Objective Metrics (especially ones made of numbers, because numbers are super scientific) that are easy to measure; because they allow even the laziest among them to experience the warm, comforting, embrace of Knowledge. They hate, and thus tend to ignore, fuzzy metrics that are difficult or impossible to quantify (like 'security') because those are a morass of nescience and harrowing epistemic uncertainty.

      By doing exactly the wrong thing, and encouraging blatantly insecure behavior (you also likely create a culture of casual key-sharing and letting just anybody who 'lost their key' in), you drive the metric that people are looking at through the floor (demonstrating your Epic Competence), and shove all the risk under the rug of the metric that everybody avoids looking at and politely doesn't mention!

    4. Re:How quaint by Anonymous Coward · · Score: 2, Interesting

      I'd hardly call any industry that uses a physical key "high security" in an age of individually-revokable key card technologies.

      How secure can a facility be when the loss of one key means that everyone's keys have to be replaced in order to recode the lock?

      The data on key cards can be replicated as well. Heck, even the new "e-passports" gaining popularity with governments around the world have been cloned in the past.

      Also, even locks that use key cards have mechanical elements. The bits can be secure as can be, but there may be physical ways to bypass the system.

      AFAIK, the only physical keying system that has not been hacked is Abloy's (non-Cliq) Protec. Short of drilling out the cylinder I don't think anyone has been able to get in without having a key. Or at least this was the case about a year ago (the last time I looked).

    5. Re:How quaint by mlts · · Score: 5, Informative

      I have been at several places where the key card system goes toes up and will not allow anyone in. The controller on a lot of HID systems is an XP box, and computers can fail, locking everyone out.

      You have to have a high security mechanical override somehow. A lot of places use Best locks (which are 6-7 pins, have spool/mushroom tumblers, and unique keyways.) Others tend to go with Medeco3.

      If you want resistance to 3D printers, there are already three methods which work well. The first is what is on Mul-T-Locks and Abloy PROTEC2 locks, and that is an active pin on the side of the key.

      The second is a method like the Evva MCS, and having magnets embedded in the key. Duplicating this is a lot harder than just 3D printing a replacement, one would have to know where all eight magnets are facing and precisely align them. Not impossible, but not trivial.

      Finally, there is the "CLIQ" technology that is going through multiple revisions. This combines a high security mechanical key with an electronic chip and tiny rotating pin powered from a battery on the key. Since each cylinder keeps the authorized keys in memory, there is no one central point of failure. The CLIQ system has gotten better over the years since it was opened at a previous DEFCON. First it was a pin that would retract, but that was changed to a small disk that rotates to allow the key to turn.

      Nothing is perfect, but Assa-Abloy's CLIQ system is getting decently secure to be used as a backup cylinder with a card access system.

    6. Re:How quaint by mlts · · Score: 3, Informative

      Last time I read, the locksport guys have managed to get it open in 10-12 hours. The Protec is about ten years old, and Abloy has put out the Protec2 with minor changes recently which, AFAIK, has not been opened.

      I'd probably say the Protec2 + CLIQ is probably the best out there. It isn't 100%, (as the 2009 DEFCON got them back to the drawing board to deal with the vibration and magnet attacks and made a rev using a disk that turns as opposed to a pin that retracts), but it is as good as it gets for this department.

      Of course, there is one step up from there -- going with Kaba-Mas X-10 combo locks on the doors as a backup. However, for almost any task, the Protec2+Cliq is probably the best of breed we have right now.

    7. Re:How quaint by msauve · · Score: 3, Informative

      I worked in an office with electromagnetic latches. Used a badge reader to get in. A motion sensor would let you out. If you forgot your badge, flipping a sheet or two of paper through the gap between the doors would trigger the motion sensor and let you in.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    8. Re:How quaint by SuricouRaven · · Score: 2

      Similar trick on ours. The doors also have those flip-up-and-down levers on the inside edges that allow for one side to be locked shut. We've no actual use for them, they are just part of the 'standard' door that the builders purchased and installed. The children soon worked out that if you flip the lever down, the bolt comes out the top of the door and stops it closing. Which means the magnet can't make contact with the locking plate. So now there is a crew that always flips the bolts when they come through in the allowed direction, so that when they later come the other way they can get through.

    9. Re:How quaint by Anonymous Coward · · Score: 2, Interesting

      Overcoming 3D printers is simple.

      Make the key a box channel with the pins inside of it. Not a U-channel, a full box channel. No angle of visibility from the outside can image the functional workings of the key. And likely, an inner channel impression would not give you a good reading either.

      Making new ones would be a bitch, but, hey, I bet 3D printing could help with that. Generate pin shapes based on a GUID, and you're golden.

    10. Re:How quaint by cellocgw · · Score: 2

      I'd hardly call any industry that uses a physical key "high security" in an age of individually-revokable key card technologies.

      Remember that electronic locks can have various vulnerabilities too.

      That's why I'm going to put in a voice-activated lock system. You have to know the secret word, which I've cleverly stuck inside the Welcome Notice printed over the door.
      Just don't throw things into the pond while working out the right word.

      --
      https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
    11. Re:How quaint by wierd_w · · Score: 2

      Filling the box channel with 2 part silicone rubber mix, then chasing it will produce a high precision casting negative of the channel, which can then be easily scanned. (and being rubber, easily extracted from the box channel)

      Many software packages permit boolean remove operations, which would allow them to position the 3d scanned rubber impression onto a blank channel way, then boolean remove the negative to get the positive impressions again in the digital model.

      Then it's 3D print time.

    12. Re:How quaint by dkf · · Score: 2

      By doing exactly the wrong thing, and encouraging blatantly insecure behavior, you drive the metric that people are looking at through the floor (demonstrating your Epic Competence), and shove all the risk under the rug of the metric that everybody avoids looking at and politely doesn't mention!

      Wait, are we talking about the banking system here?

      --
      "Little does he know, but there is no 'I' in 'Idiot'!"
  3. Low-tech solution by Conspiracy_Of_Doves · · Score: 4, Interesting

    Make the keys so that there are sheaths around them, which can bend away on a spring when you need to use the key, or the key can come out of the end of the sheath. Or some other way to hide the tooth pattern when the key isn't being used.

    1. Re:Low-tech solution by mlts · · Score: 2

      Some English prison locks do this, because part of their design is to make the key and keyway as hard to eyeball as possible (so prisoners can't carve one out of soap or whatnot.)

    2. Re:Low-tech solution by quetwo · · Score: 2

      +1.

      One of my friend's old warehouses had a wicked lock, plus card access, air-lock, etc. It wasn't in the best part of town.

      Either way, their building caught on fire (HVAC unit burned up). It took the fire marshal about 20 seconds to get through their reinforced door, and another 15 seconds to get through the rest of their security. If people want in, they will get in. It is all a matter of how much attention you generate for yourself, and how long you want to prolong people knowing you were there.

      Watching a wrecking crew take down a house in my neighborhood had a similar experience -- the contractor taking down the house only needed one hit with a sledgehammer to get through their front door. The other contractor used a sledgehammer to go through the side wall to check the utility room. Again, if they want to get in, they can get in.

  4. Re:Long distance photo? by fuzzyfuzzyfungus · · Score: 3, Interesting

    I don't think so. A long distance photo is not going to give enough detail. You'll need a high resolution photo of the key.

    Wacky Fun!. That paper appears to deal with a less sophisticated key; but demonstrated successful attacks at 195 feet, with comparatively cheap apparatus.

  5. Re:Unfortunately by Cenan · · Score: 4, Informative

    Locks don't make secure doors, doors do. If you wish to enter, the type of lock on the door is not going to deter you. Electronic locks are not more or less secure, it is just a different set of crooks that are able to get through them without leaving traces.

    --
    ... whatever ...
  6. Uhm... not really impressive by dbitter1 · · Score: 5, Interesting

    Former locksmith here. The Primus (and nearly all of the other high security keys) are simply relying on patent protection to keep people from duplicating the keys. Any locksmith worth his/her salt already has key machines that could reproduce them onto a chunk of brass (worst case) or just onto a normal key blank.

    If you want to see something that would impress me, look at a German company - DOM - that has a design that includes a floating ball bearing in the key, which is integral to making the lock work. If they could make THAT with a printer, I'd be impressed.

    One model:
    http://www.dom-sicherheitstechnik.com/DOM-ix-Saturn.667.0.html

    --
    For us carnivores, "Sucking the marrow out of life" isn't a transcendentalist philosophy but a practical instruction.
    1. Re:Uhm... not really impressive by 50000BTU_barbecue · · Score: 2

      I've noticed that with the shoddy and fragile construction endemic in North American residences, it's not worth putting a fancy lock on things. You can kick the door in with one kick from a polio victim. Or with just a bit more force you can punch down the drywall and fake facade.

      --
      Mostly random stuff.
    2. Re:Uhm... not really impressive by drinkypoo · · Score: 2

      The purpose of the locks is to make it noisier to get into the house, and to signal legal intent. If you are expecting crooks in your neighborhood to be good at picking ordinary locks and actually use the skill, then upgrading your locks might get them caught in the act.

      Probably not though

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  7. Really Secure Facilities... by NotSanguine · · Score: 2

    have 24 hour surveillance and use "man traps" which require multiple access keys, electronic or otherwise.

    --
    No, no, you're not thinking; you're just being logical. --Niels Bohr
  8. patented blanks by gl4ss · · Score: 3, Interesting

    what the lock companies do is they patent the blanks.

    that's why lock companies come up with a new scheme every so often. and to buy those blanks you need to sign a contract that you won't copy without permission of the lock owner.. which is hard to check anyways.

    --
    world was created 5 seconds before this post as it is.
    1. Re:patented blanks by torkus · · Score: 3, Interesting

      This (mostly). You'll also see several of only selling additional blanks to locksmiths in an equal number to the customer codes they punch into their system. It's not perfect but it's another control

      Before the printing game this worked 100%...excluding the 'illegal' bootleg keys most locksmiths would buy from China...which are, of course, much cheaper. :)

      --
      You can get rich if you own a politician, but you have to be rich to buy one in the first place.
    2. Re:patented blanks by Jane+Q.+Public · · Score: 2

      "Before the printing game this worked 100%..."

      Nonsense. It did nothing of the sort. Not even close. I know, because I duplicated a lot of institutional keys with "Do Not Duplicate" on them, for "security" locks. (Disclaimer: I did not use them to steal anything, or invade residences, or anything like that. I won't go into why I did it but it wasn't to commit a crime spree.)

      If you had an original key (or an accurate enough impression or 1x scale trace or photograph), all you then need is a key blank that will fit the lock. This sounds easy but in fact can be quite difficult, because there are A LOT of different variations on keyways out there. But in the case of Schlage, there were only a relative few, and you could often get "generic" knockoff blanks from your local K-Mart. If you already know the particular kind you are looking for, it's a matter of a few minutes to go into the store and buy a blank for $1.

      Once you have the blank, you can duplicate the key accurately with hand tools in less than 15 minutes. I won't go into the details here but suffice it to say that this doesn't require genius-level puzzle solving and it isn't particularly difficult to do.

      The only thing the specific "high security" keys OP wrote about brought to the table is the difficulty of cutting a copy. You aren't going to do it by hand with a file in a short period of time. But *IF* you had a blank, you could cut it with a milling machine or a drill press with a cutting head without too much trouble.

  9. Re:Unfortunately by hedwards · · Score: 5, Insightful

    Not true. I used to work security in a building that had a lot of electronic locks. And ultimately, you can't enter them without leaving a trace. Sure, they might not know who it is that entered at 2:26 AM, but we would know that somebody entered at that time. Whereas with regular keys, we would at most know that somebody went to that floor around that time, but we'd have no clue as to which door they went into.

    In other words, we could probably get video footage of the person that went into the door secured by an electronic lock, or at least narrow it down substantially, but would have no way of doing that with a traditional lock as we would have to have video of them getting into the elevator, not at the actual door.

    What's more, with electronic locks, there's the ability to lock people out during periods of the day that you can't do with a traditional lock and you can change the key much more rapidly.

    Yes, they aren't perfect and can be prone to attacks that a normal lock and key aren't. But, ultimately, suggesting that they're not any sort of improvement ignores reality.

  10. Meh by unixcorn · · Score: 2

    A lock will only ever serve to keep an honest man honest.

  11. You must not live in my jurisdiction by davidwr · · Score: 3, Interesting

    In my jurisdiction it is (or was, a decade ago) against the law* for a locksmith to copy keys that are both marked "do not duplicate" and which used blanks available only to locksmiths required the locksmith to go through paperwork to make sure the person requesting the copy was authorized by the lock-owner to do so. This typically involved asking the requester to provide the lock's "number" which presumably the lock owner had but which was not on the key or lock itself.

    Up until recent decades, one of the more practical ways to duplicate many security keys was to make a mold and build a key from it, like you saw in 1960s spy movies. Yes, that required physical possession, but it didn't require a locksmith.

    --
    *I'm not sure if the law has any real teeth, it may be just a "civil fine" or it may just open up the locksmith to civil liability if the key is misused, much like if a bartender serves a drunk person more booze and they drive and kill someone, the bartender can be sued by the victim's family.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
    1. Re:You must not live in my jurisdiction by mjr167 · · Score: 2

      So are these keys you can't get a copy made at Wal-Mart? Cause I'm pretty sure the minimum wage Wal-Mart employee doesn't care.

  12. 3D Printing Hysteria by Sperbels · · Score: 5, Insightful

    Can someone explain to me why the only stories about 3D printing that make the news are ridiculously paranoid? Anyone can print out a secret key. Anyone can print out a shitty plastic gun. What's next? Anyone can print out a bat'leth? Anyone can print out a plastic pressure cooker and make a plastic bomb? Anyone can print out plastic kiddie porn? Not one story discussing the incredible potential? Like, machines printing out copies of itself? Or the effects on a society and economy where any product can be downloaded and printed? None of that interesting stuff? Just the fear and paranoia stuff?

    1. Re:3D Printing Hysteria by mlts · · Score: 2

      It is a new technology, and the first thing that happens are the fearmongers coming out. Next come the regulators because they want to enforce the status quo.

      Same old thing, we had this with computers, we had this with the Internet. I wouldn't be surprised if there is a law or international treaty that gets passed forcing all 3D printer makers to have a DRM stack, or only allow signed files to be printed on the machines (with people having to send all stuff they want printed to a third party for "approval" and a certificate.)

    2. Re:3D Printing Hysteria by Culture20 · · Score: 2

      You can 3D print a spatula. Nothing says "I love you" like the gift of a 3D printed spatula.

  13. Re:Long distance photo? by tibit · · Score: 4, Informative

    Whenever you'll be playing with a 12 inch or larger telescope, do yourself a favor and point it onto a terrestrial target a few hundred feet away. I've seen terrestrial pictures being taken through a 20" telescope and all I can tell you is that with clear air it feels like taking your point and shoot and teleporting it a mile away. Never mind that if you don't care about giving yourself away, you can also flash-illuminate your target through the same optical assembly. I have to dig up some of the portraits my colleague took with his girlfriend standing about 1100 m. away on a winter night, with heavily overcast sky and no moon, with through-the-lens flash. It really looks as if you've been standing right there, except that of course the aberrations typical for closeup pictures are nowhere to be seen. As far as portraits go, a telescope gives you IMHO the best 2D reproduction to be had. I'm sure it'd be just as great at extracting the geometry of a key, since you get as close to axonometric projection as you can get.

    --
    A successful API design takes a mixture of software design and pedagogy.
  14. Re:Unfortunately by egcagrac0 · · Score: 2

    The electronic locks around here are powered by battery as well as mains.

    After the 12 hours (or so) of battery wears out, it depends on the lock type - the electric strike locks are fail-closed (bypassable by mechanical key), the magnetic locks are fail-open.

  15. that's not how it works. recode the lock bitmask by raymorris · · Score: 2

    You don't have to replace all the keys.
    If you're concerned, you replace one pin stack in the locks that key opens. You don't issue everyone identical keys. My key opens my office and the back door, only. The back door lock has a stack of pins that work as a bitmask, so many keys can open it and you can add or remove keys without necessarily affecting the others.

    In re systems that use physical keys - key cards and key fobs are physical keys too. Key cards store their bit pattern in iron powder. "Regular" keys store their bit pattern in brass. There's no fundamental difference in security.
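
Added example, not part of the post above or of the original page: a simplified Python model of the pin-stack idea raymorris describes, in which each chamber accepts a set of cut depths and a key is one depth per chamber. The key cuts and holder names are constructed, and the model ignores the mechanical constraints of a real cylinder; it shows when re-pinning a single chamber removes one key and when it cannot.

```python
from itertools import product

# Constructed sample keys: one cut depth per chamber (values are made up).
ALICE = (3, 5, 2, 6, 4)
BOB = (3, 5, 2, 6, 1)
CAROL = (3, 5, 7, 6, 4)
DAVE = (3, 5, 7, 6, 1)


def pin_lock(keys):
    """Return chambers (sets of accepted depths) that admit every key in `keys`."""
    chambers = [set() for _ in keys[0]]
    for key in keys:
        for chamber, cut in zip(chambers, key):
            chamber.add(cut)
    return chambers


def opens(lock, key):
    """A key turns only if every cut matches an accepted depth in its chamber."""
    return len(key) == len(lock) and all(c in ch for c, ch in zip(key, lock))


def incidental_keys(lock, issued):
    """Keys the lock accepts that were never issued (a cost of extra shear lines)."""
    return set(product(*(sorted(ch) for ch in lock))) - set(issued)


def revoke(lock, issued, revoked):
    """Re-pin for the remaining keys.

    Returns (new_lock, changed_chambers, still_opens). If `still_opens` is
    True, re-pinning alone did not lock the revoked key out.
    """
    remaining = [k for k in issued if k != revoked]
    new_lock = pin_lock(remaining)
    changed = [i for i, (old, new) in enumerate(zip(lock, new_lock)) if old != new]
    return new_lock, changed, opens(new_lock, revoked)


if __name__ == "__main__":
    issued = [ALICE, BOB, CAROL]
    lock = pin_lock(issued)
    print("incidental:", incidental_keys(lock, issued))
    print("revoke BOB:", revoke(lock, issued, BOB)[1:])
    issued4 = issued + [DAVE]
    print("revoke DAVE:", revoke(pin_lock(issued4), issued4, DAVE)[1:])
```

In this model the facility manager's audit question is whether `incidental_keys` is empty and whether `revoke` reports `still_opens`; a revoked key whose every cut is shared with other issued keys keeps working until those keys are reissued too.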

  16. Re:Why? by serviscope_minor · · Score: 2

    If this is a security flaw then so is a pair of bolt cutters.

    Um yeah? If a seriously secure facility is vulnerable to bolt cutters then bolt cutters are indeed a security flaw.

    And what I do is far more worthwhile than enabling yet a larger set of individuals to break into secure facilities.

    Oh don't you pull the bait and switch on me sonny boy. You know very well that the original comparison was to "curing cancer". I very much doubt you do anything as worthy as "finding a cure to cancer". That's your measure of worth. Not mine.

    This whole idea that if you find a vulnerability, you should publish it, is complete bullshit pushed by childish morons with a very warped sense of morality.

    Classic invective as expected from one who lacks a logical argument.

    If you go back and read the thread there was at least one poster, modded +5 insightful no less who having not RTFA doubted that keys would be vulnerable to long range snooping. TFA proved him wrong. So clearly there are people with misconceptions who could actually be informed by such an article.

    Your attitude does exactly what it claims the article does: by suppressing information on vulnerabilities, you leave the security flaws wide open for well informed criminals to exploit. Apparently criminals have few qualms about sharing "trade secrets", so your method ensures that only the criminals are well informed.

    --
    SJW n. One who posts facts.