Interesting People mailing list archives
more on worth readingKey Bumping
From: David Farber <dave () farber net>
Date: Wed, 4 Jan 2006 15:44:23 -0500
Begin forwarded message: From: Matt Blaze <mab () crypto com> Date: January 4, 2006 3:33:31 PM ESTTo: David Farber <dave () farber net>, "Steven M. Bellovin" <smb () cs columbia edu>
Subject: Re: [IP] Key Bumping For IP if you wish (with typo corrected): On Jan 4, 2006, at 12:37, Steven M. Bellovin wrote:
In message <06BF5AC9-43F9-49BD-8503-26CAB62A3C2C () farber net>, David Farber writes:Begin forwarded message: From: Brian Randell <Brian.Randell () newcastle ac uk> Date: January 4, 2006 12:23:37 PM EST To: dave () farber net Subject: Re: [IP] Key Bumping Hi Dave:Folks, I just found out about the "bumpkey" fromhttp://www.toool.nl/bumpkey-alert.wmv. Don't download that on a slowconnection, but if you watch it you'll get a real feeling of insecurity about expecting locks to protect your house. Apparently (see, forexample, http://www.toool.nl/index-eng.php), "bumping" is real and as soon as the idea spreads, houses may as well not have mechanical lockson them. :(The (naive) impression I have is that this works for the various types of cylinder lock, i.e a lock in which the key is pushed in past a set of spring-loaded pins - it's not obvious to me that it would be effective with lever locks. Does anyone know whether this is in fact correct? cheersMatt Blaze is the guy to ask. --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
"Bump" keys do open most pin-tumbler locks, working under the same principle as a "pick gun": by transferring energy (simultaneously on all tumblers) through the "bottom" pin segments to create for a moment a gap at the shear line that allows the lock to rotate. The basic idea is this: a standard key that fits the lock in question is cut for the deepest cut (at all tumbler positions). The key is inserted into the lock and withdrawn by one tumbler position. Then, while applying slight torque, it is struck rapidly with a hammer. The ridges between cuts strike the pins, which in turn transfer energy to move the other pin segments but without moving much themselves (just as a billiard ball transfers energy to the next ball). This creates, briefly, a gap at the shear line, during which the lock will turn. Spring loaded "pick guns" that do the same thing have been around for a while -- at least 50 years -- but bump keys appear to be a somewhat more recent refinement. The technique is mentioned briefly in the '98 edition of Tobias' _Locks,_Safes_and_Security. Barry Wels and Rop Gonggrijp's paper goes into more detail, and shows that it can be effective even against so-called "high security" locks. The main advantage to the attacker of the bump key technique over a pick gun is that it requires no special (or suspicious) tools: just an ordinary key and a hammer or screwdriver. It also appears to be a bit easier to master, and bump keys can be fabricated even for locks that conventional pick guns don't easily fit (such as dimple key locks). The main disadvantage to the attacker is that it requires having a separate bump key (and obtaining a key blank) for each brand of lock. Is it the end of the world for the many pin tumbler lock designs that are susceptible to the technique? Well, that coffin should have quite a few nails in it already, yet these locks continue to dominate the market in the US and many other countries. The primary significance of the technique is that it lowers the bar against many "high security" products that are widely though to be much more resistant to attack than they actually are. -matt ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on worth readingKey Bumping David Farber (Jan 04)