Open in 30 Seconds
Cracking One of the
Most Secure Locks in America
Marc Weber Tobias
Matt Fiddler
Tobias Bluzmanis
Agenda
• Part I: The Beginning
• Part II: Key Control and Key Security
• Part III: Locks, Lies and Videotape
PART I
The Beginning
WHY THE MEDECO CASE STUDY IS IMPORTANT
• Insight into design of high security locks
• Patents are no assurance of security
• Appearance of security v. Real World
• Undue reliance on Standards
• Manufacturer knowledge and Representations
• Methodology of attack
• More secure lock designs
CONVENTIONAL v. HIGH SECURITY LOCKS
• CONVENTIONAL CYLINDERS
– Easy to pick and bump open
– No key control
– Limited forced entry resistance
• HIGH SECURITY CYLINDERS
– UL and BHMA/ANSI Standards
– Higher quality and tolerances
– Resistance to Forced and Covert Entry
– Key control
HIGH SECURITY LOCKS:
• Protect Critical Infrastructure, high-value targets
• Stringent security requirements
• High security Standards
• Threat level is higher
• Protect against Forced, Covert entry
• Protect keys from compromise
HIGH SECURITY: Three Critical Design Factors
• Resistance against forced entry
• Resistance against covert and surreptitious entry
• Key control and “key security”
Vulnerabilities exist for each requirement
HIGH SECURITY LOCKS: Critical Design Issues
• Multiple security layers
• More than one point of failure: defeating a single component should not open the lock
• Each security layer is independent
• Security layers operate in parallel
• Difficult to derive intelligence about a layer
ATTACK METHODOLOGY
• Assume and believe nothing
• Ignore the experts
• Think “out of the box”
• Consider prior methods of attack
• Always believe there is a vulnerability
• WORK THE PROBLEM
– Consider all aspects and design parameters
– Do not exclude any solution
ATTACKS: Two Primary Rules
• “The Key never unlocks the lock”
– Mechanical bypass
• Alfred C. Hobbs: “If you can feel one component against the other, you can derive information and open the lock.”
METHODS OF ATTACK:High Security Locks
• Picking and manipulation of components
• Impressioning
• Bumping
• Vibration and shock
• Shim wire decoding (Bluzmanis and Falle)
• Borescope and Otoscope decoding
• Direct or indirect measurement of critical locking components
ADDITIONAL METHODS OF ATTACK
• Split key, use sidebar portion to set code
• Simulate sidebar code
• Use of key to probe depths and extrapolate
• Rights amplification of key
EXPLOITING FEATURES
• Codes: design, progression
• Key bitting design
• Tolerances
• Keying rules
– Medeco master and non-master key systems
• Interaction of critical components and locking systems
• Keyway and plug design
STANDARDS REQUIREMENTS
• UL and BHMA/ANSI STANDARDS
• TIME is the critical factor
– Ten or fifteen minutes
– Depends on security rating
• Type of tools that can be used
• Must resist picking and manipulation
• Standards do not contemplate or incorporate more sophisticated methods
COVERT and FORCED ENTRY RESISTANCE
• High security requirement
CONVENTIONAL PICKING
SOPHISTICATED DECODERS
• John Falle: Wire Shim Decoder
TOBIAS DECODER: “[email protected]”
DECODE PIN ANGLES
FORCED ENTRY RESISTANCE
FORCED ENTRY ATTACKS: Deficiencies in standards
• Many types of attacks defined
• Mechanical Bypass - Not Contemplated
• Must examine weakest links
• Do not cover “hybrid attacks”
– Medeco deadbolt attacks
– Medeco mortise attack
SIDEBAR: Bypass and Circumvention
• Direct Access
– Decoding attacks
– Manipulation
– Simulate the sidebar code (Medeco)
– Use of a key (Primus and Assa)
• Indirect access
– Medeco borescope and otoscope decode issues
FORCED ENTRY ATTACKS
• Direct compromise of critical components
– Medeco deadbolt 1 and 2: manipulate tailpiece
• Hybrid attack: two different modes
– Medeco reverse picking
• Defeat of one security layer: result
– Medeco Mortise and rim cylinders: defeat shear line
MEDECO CASE HISTORY
• Exploited vulnerabilities
• Reverse engineer sidebar codes
• Analyze what constitutes security
• Analyze critical tolerances
• Analyze key control issues
• Analyze design enhancements for new generations of locks: Biaxial, m3 and Bilevel
MEDECO MISTAKES
• Failed to listen
• Embedded design problems from beginning
• Compounded problems with two new generations of designs: Biaxial and m3
• Failed to “connect the dots”
• Failure of imagination
• Lack of understanding of bypass techniques
DESIGN = VULNERABILITY
• Basic design: sidebar legs + gates
– How they work: leg + gate interface
– Tolerance of gates
• Biaxial code designation
• Biaxial pin design: aft position decoding
• M3 slider: geometry
• M3 keyway design
• Deadbolt design
MEDECO DESIGN: Exploit design vulnerabilities
• EXPLOIT BEST DESIGN FEATURES
• Sidebar leg – true gate channel
• Code assignment: Biaxial 1985
• Gate – sidebar leg tolerance
• M3 design 2003
– Widen keyway .007”
– Slider geometry, .040” offset
MEDECO TIMELINE
• 1970 Original Lock introduced
• 1985 Biaxial, Second generation
• 2003 m3 Third generation
MEDECO LOCKS: Why are they Secure?
• 2 shear lines and sidebar for Biaxial
• 3 independent security layers: m3
• Pins = 3 rotation angles × 2 positions = 6 variations per pin
• Physical pin manipulation difficult
• False gates and mushroom pins
• ARX special anti-pick pins
• High tolerance
MODERN PIN TUMBLER
MEDECO BIAXIAL
MEDECO LOCKS: 3 Independent Layers
• Layer 1: PIN TUMBLERS to shear line
• Layer 2: SIDEBAR: 3 angles x 2 positions
• Layer 3: SLIDER – 26 positions
Opened by:
– Lifting the pins to the shear line
– Rotating each pin individually to its angle
– Moving the slider to the correct position
MEDECO TWISTING PINS: 3 Angles + 2 Positions
SIDEBAR Technology
• Blocks rotation of the plug
• One or two sidebars
• Primary or secondary locking
• Only shear line or secondary
• Integrated or separate systems
– Assa, Primus, Mul-T-Lock MT5, Evva MCS = split
– Medeco and 3KS = integrated
• Direct or indirect relationship and access by key bitting
SIDEBAR LOCKING:How does it work
• One or two sidebars
• Interaction during plug rotation
• Direct or indirect block plug rotation
• Sidebar works in which modes
– Rotate left or right
– Pull or push
• Can sidebar be neutralized? i.e. Medeco
– Setting sidebar code
– Pull plug forward, not turn
SIDEBAR LOCKING: Information from the lock?
• Feel picking: sense interactions
• Medeco, 3KS, Primus, Assa = direct link
• MCS = indirect link: sidebar to component
• Sidebar + pins/sliders interaction to block each other: ability to apply torque?
SECURITY CONCEPTS: Sidebar “IS” Medeco Security
• GM locks, 1935, Medeco re-invented
• Heart of Medeco security and patents
• Independent and parallel security layer
• Integrated pin: lift and rotate to align
• Sidebar blocks plug rotation
• Pins block manipulation of pins for rotation to set angles
PLUG AND SIDEBAR: All pins aligned
SIDEBAR RETRACTED
PLUG AND SIDEBAR: Locked
MEDECO CODEBOOK: At the heart of security
• All locksmiths worldwide must use
• All non-master keyed systems
• New codes developed for Biaxial in 1983
• Chinese firewall: MK and Non-MK
• Codebook defines all sidebar codes
MEDECO RESEARCH: Results of Project
• Covert and surreptitious entry in as little as 30 seconds: standard requires 10-15 minutes
• Forced entry: four techniques, 30 seconds, affect millions of locks
• Complete compromise of key control
– Duplication, replication, simulation of keys
– Creation of bump keys and code setting keys
– Creation of top level master keys
M3 SLIDER: Bypass with a Paper clip
SECURITY OF m3:
Video Demo:
• Medeco Slider Bypass
RESULTS OF PROJECT: Picking
• Pick the locks in as little as 30 seconds
• Standard picks, not high tech tools
• Use of another key in the system to set the sidebar code
• Pick all pins or individual pins
• Neutralize the sidebar as security layer
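As an added illustration of the three independent layers described earlier (pins to the shear line, sidebar, slider) and of what “neutralizing the sidebar as a security layer” with a code-setting key leaves behind, the toy model below is the editor's own and is not code from the presenters or from Medeco. It assumes six chambers with six bitting depths each (an assumption; the deck supplies only the sidebar's 3 angles × 2 positions and the slider's 26 positions) and models a code-setting key as any key whose angles and fore/aft positions match the lock regardless of its depths. All lock and key values are constructed.

```python
"""Toy model of a three-layer cylinder (shear line, sidebar, slider).

Added example, not from the presentation. Layer sizes: 6 chambers with
6 depths each (assumed), 3 angles x 2 positions per pin and 26 slider
positions (from the deck). Lock and key values below are constructed.
"""
from dataclasses import dataclass, replace

CHAMBERS = 6
DEPTHS = 6                       # assumed bitting depths per chamber
ANGLES = ("L", "C", "R")         # left / center / right pin rotation
POSITIONS = ("fore", "aft")      # Biaxial fore/aft chisel point
SLIDER_POSITIONS = 26            # m3 slider positions


@dataclass(frozen=True)
class Key:
    depths: tuple      # vertical bitting, one depth per chamber
    angles: tuple      # sidebar code: rotation angle per chamber
    positions: tuple   # sidebar code: fore/aft per chamber
    slider: int        # position the key's step pushes the slider to


@dataclass(frozen=True)
class Lock:
    depths: tuple
    angles: tuple
    positions: tuple
    slider: int
    sidebar_set: bool = False      # pins already rotated to the true gates
    slider_bypassed: bool = False  # slider pushed to position by wire/paper clip

    # Layer 1: every pin at the shear line.
    def shear_line(self, key):
        return key.depths == self.depths

    # Layer 2: every pin rotated so its true gate faces the sidebar leg.
    def sidebar(self, key):
        if self.sidebar_set:
            return True
        return key.angles == self.angles and key.positions == self.positions

    # Layer 3: slider in the one position that frees the sidebar.
    def slider_layer(self, key):
        return self.slider_bypassed or key.slider == self.slider

    def opens(self, key):
        """The layers operate in parallel: all three must be satisfied."""
        return self.shear_line(key) and self.sidebar(key) and self.slider_layer(key)


def set_sidebar_with_key(lock, code_key):
    """A code-setting key: correct angles and positions, depths irrelevant.
    If its sidebar code matches, the pins are rotated and the sidebar layer
    no longer discriminates; the lock is then picked like a conventional
    pin tumbler. A wrong code leaves the lock unchanged."""
    if code_key.angles == lock.angles and code_key.positions == lock.positions:
        return replace(lock, sidebar_set=True)
    return lock


def bypass_slider(lock):
    """Slider pushed to the correct position by a wire instead of the key."""
    return replace(lock, slider_bypassed=True)


def search_space(lock):
    """Distinct key codes an attacker still has to discriminate between,
    given which layers are still active."""
    n = DEPTHS ** CHAMBERS
    if not lock.sidebar_set:
        n *= (len(ANGLES) * len(POSITIONS)) ** CHAMBERS
    if not lock.slider_bypassed:
        n *= SLIDER_POSITIONS
    return n


if __name__ == "__main__":
    lock = Lock(depths=(2, 4, 1, 5, 3, 6),
                angles=("L", "C", "R", "R", "L", "C"),
                positions=("fore", "aft", "fore", "fore", "aft", "aft"),
                slider=13)
    code_key = Key(depths=(1,) * CHAMBERS, angles=lock.angles,
                   positions=lock.positions, slider=13)
    print("code key alone opens:", lock.opens(code_key))          # False
    stripped = bypass_slider(set_sidebar_with_key(lock, code_key))
    print("full search space:", search_space(lock))
    print("after sidebar set + slider bypassed:", search_space(stripped))
```

The point the model makes explicit: the code-setting key does not open anything by itself, but once it has set the sidebar and a wire has positioned the slider, the only layer still discriminating is the shear line, which is what a standard pick works against.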
PICKING A MEDECO LOCK
Video Demo:
• Picking Medeco Locks
RESULTS OF PROJECT: “Reverse Picking”
Video Demo:
• “Reverse Picking” Medeco Locks
RESULTS OF PROJECT: Bumping
• Reliably bump open Biaxial and m3 locks
• Produce bump keys on Medeco blanks and simulated blanks
• Known sidebar code
• Unknown sidebar code
MEDECO BUMP KEY
Video Demo:
• Bumping Medeco Locks
– Jenna Lynn
– Tobias
RESULTS OF PROJECT: Decode Top Level Master Key
• Determine the sidebar code in a special system where multiple sidebar codes are employed to protect one or more locks
• Decode the TMK
• PWN the system
RESULTS OF PROJECT: Forced Entry Techniques
• Deadbolt attacks on all three versions
– Deadbolt 1 and 2: 30 seconds
– Deadbolt 3: New hybrid technique of reverse picking
• Mortise and rim cylinders
– Prior intelligence + simulated key
• Interchangeable core locks
DEADBOLT ATTACK
DEADBOLT BYPASS: $2 screwdriver + $0.25 of materials
Video Demo:
• Deadbolt Bypass:
– Original
– Interim Fix
– Current Production
MEDECO BILEVEL
• 2007 Bilevel locks introduced
• Integrate low and high security to compete
• Flawed design, will affect system security when integrated into a high security system
• Borescope decoding of aft pins to compromise security of entire system
CONNECTING THE DOTS: The Results
• Biaxial Code assignment: Reverse Engineer for all non-master key systems
• Gate tolerance: 4 keys to open
• NEW CONCEPT: Code Setting keys
• Sidebar leg-gate interface: NEW CONCEPT:Setting sidebar code
• M3 Wider keyway: Simulated blanks
• Slider design: paper clip offset
4 KEYS TO THE KINGDOM
PART II
Key Control
and
Key Security
KEY CONTROL: The Theory
• PROTECTION OF BLANKS OR CUT KEYS FROM ACQUISITION OR USE:
– Unauthorized duplication
– Unauthorized replication
– Unauthorized simulation
• restricted keyways
• proprietary keyways
• sectional keyways
MEDECO INSECURITY: Real World Threats - Keys
• VIOLATION OF KEY CONTROL and KEY SECURITY
– Compromise of entire facility
– Improper generation of keys
KEYS and KEY CONTROL
KEYS: EASIEST WAY TO OPEN LOCKS
– Change key or master key
– Duplicate correct bitting
– Bump keys
– Rights amplification: modify keys
PROTECTION OF KEYS
– Side bit milling: Primus and Assa
– Interactive elements: Mul-T-Lock
– Magnets: EVVA MCS
0WN THE SYSTEM: Obtaining the Critical Data
TECHNIQUES TO OBTAIN KEY DATA
• Impressioning methods
• Decoding: visual and Key Gauges
• Photograph
• Scan keys
• Copy machine
KEYS: CRITICAL ELEMENTS
• Length = number of pins/sliders/disks
• Height of blade = depth increments = differs
• Thickness of blade = keyway design
• Paracentric design
• Keyway modification to accommodate other security elements
– Finger pins
– Sliders
KEY CONTROL
KEY CONTROL: “KEY SECURITY”
• Duplicate
• Replicate
• Simulate
“Key control” and “Key Security” may not be synonymous!
KEY SECURITY: A Concept
• Key control = physical control of keys
• Prevent manufacture and access to blanks
• Control generation of keys by code
• Patent protection
• Key security = compromise of keys
– Duplication
– Replication
– Simulation
MEDECO KEY CONTROL: Appearance v. Reality
• WHAT IS IT SUPPOSED TO MEAN?
• ARE THE STANDARDS SUFFICIENT?
• REAL WORLD VULNERABILITIES
MEDECO KEY CONTROL: Virtually Impossible to Copy
“High security starts with key control; a process
that insures that keys cannot be duplicated
without proper permission. Clearly, if anyone
can have a lock’s key copied, then it truly
doesn’t matter how tough the lock itself is
built. Medeco’s patented key control makes it
virtually impossible for someone to duplicate
a commercial or residential key without
proper permission.”
MEDECO HIGH SECURITY KEYS v. STANDARD KEYS
“A standard key can be copied at a million
stores without restriction or proof of
ownership. Unauthorized duplicate keys
often result in burglaries, theft, vandalism,
and even violent crimes.”
– Medeco advertising brochure
Video Demo:
• Medeco Key Copy Promo
MEDECO KEY CONTROL: The Problem
CIRCUMVENTING SECURITY LAYERS
– Keyways can be bypassed
– Blanks can be simulated
– Sidebar codes are simulated
– Slider can be bypassed
NO REAL LEGAL PROTECTION EXCEPT FOR M3 STEP
– Patent expired 2005
– Keyways not protected
– Third party blanks
KEY Control:Duplicate - Replicate - Simulate
SECURITY THREAT: Failure of Key Control: Duplicate
IMPROPER ACQUISITION OR USE OF KEYS BY EMPLOYEES OR CRIMINALS
– Unauthorized access to facilities or areas
– Bump keys
– Use for rights amplification
– Compromise master key systems
SECURITY THREAT: Failure of Key Control: Replicate
HIGH SECURITY LOCKS AND KEYS
– Designed to prevent replication
REPLICATION TECHNIQUES
– Easy entrie milling machine
– Silicone casting
– Plastic and epoxy copies
– Facsimile copy
SECURITY THREAT: Failure of Key Control: Simulate
M3 KEYWAY
– Wider than Biaxial
– No paracentric keyway
COMPONENTS OF MEDECO KEYS
– Ward pattern and paracentric keyway
– Bitting
– M3 Slider
SECURITY THREAT
– Bypass wards in paracentric keyway
– Create new blanks
RESULT:Failure of Key Control
• Restricted and proprietary keyways
• M3 Slider: bypass with paper clip
• Sabotage potential
• Availability of blanks
• Duplicate from codes or pictures
• TMK extrapolation
• Set the sidebar code
• Make keys to open your locks
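The “TMK extrapolation” and “set the sidebar code” items above, like the “Decode Top Level Master Key” results slide in Part I and the “use of key to probe depths and extrapolate” attack method, refer to deriving a top-level master key from one change key plus access to one lock. The block below is the editor's added illustration of that probe-and-extrapolate procedure on a simulated two-level master-keyed pin tumbler system; it is not the presenters' method or code. It models only the shear-line layer, so for a Medeco cylinder it assumes the sidebar code is already known or set and the slider bypassed, as the deck describes. The depth range 0..6 and every bitting in it are constructed for the illustration.

```python
"""Probe-and-extrapolate (rights amplification) against a master-keyed
pin tumbler lock: recover the master bitting from one change key.

Added example, not from the presentation. Only the shear-line layer is
modelled (sidebar assumed set/known, slider assumed bypassed). Depth
range and all bittings are constructed for the illustration.
"""
from itertools import product

DEPTHS = range(0, 7)   # assumed depth increments 0..6
CHAMBERS = 6


class MasterKeyedLock:
    """Each chamber has a change depth and a master depth (a master wafer
    creates the second shear point). A key operates the lock when every
    chamber's cut is one of the two. A chamber whose change and master
    depths are equal is a constant chamber with no master wafer."""

    def __init__(self, change, master):
        assert len(change) == len(master) == CHAMBERS
        self.change = tuple(change)
        self.master = tuple(master)
        self.probes = 0   # how many test keys were tried in the lock

    def opens(self, key):
        self.probes += 1
        return all(k in (c, m) for k, c, m in zip(key, self.change, self.master))


def extrapolate_tmk(lock, change_key, depths=DEPTHS):
    """Recover the master bitting with only the change key and the lock.

    For each chamber, cut test keys identical to the change key except in
    that chamber; the alternate depth that still operates the lock is the
    master depth there. If no alternate depth works, the chamber is constant
    (master depth == change depth). At most len(depths) - 1 probes per chamber."""
    change_key = tuple(change_key)
    if not lock.opens(change_key):
        raise ValueError("change key does not operate this lock")
    tmk = []
    for i, c in enumerate(change_key):
        found = c
        for d in depths:
            if d == c:
                continue
            test = change_key[:i] + (d,) + change_key[i + 1:]
            if lock.opens(test):
                found = d
                break
        tmk.append(found)
    return tuple(tmk)


def operating_keys(lock):
    """Every distinct bitting the lock accepts: the cross-keying exposure
    that master wafers introduce (2 ** number of non-constant chambers)."""
    options = [sorted({c, m}) for c, m in zip(lock.change, lock.master)]
    return [tuple(k) for k in product(*options)]


def demo():
    # Constructed system: the first and fourth chambers are constant.
    lock = MasterKeyedLock(change=(3, 1, 5, 2, 4, 6), master=(3, 5, 2, 2, 1, 0))
    tmk = extrapolate_tmk(lock, (3, 1, 5, 2, 4, 6))
    return tmk, lock.probes


if __name__ == "__main__":
    tmk, probes = demo()
    print("recovered master bitting:", tmk, "after", probes, "test keys")
```

With the constructed system the whole master bitting falls out of 24 test keys (the change key plus at most six alternates per chamber), and `operating_keys` shows the side effect of master wafers that the deck's “rights amplification” bullet points at: sixteen distinct bittings operate this one lock, not one. A real attacker additionally has to respect the system's depth increments and maximum adjacent cut specification when cutting the test keys; the model ignores both.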
MEDECO INSECURITY: Real World Threats - Keys
• NO KEY CONTROL OR KEY SECURITY
• All m3 and some Biaxial keyways
• Keyways (restricted and proprietary)
• M3 Step = no security
• Copy keys
• Produce any blank
• Generate Top Level Master Key
• Cut any key by code
MEDECO INSECURITY: The Threat from Within
• COMPROMISE OF KEY CONTROL + HYBRID ATTACK
– Mortise, Rim, Interchangeable cores
• MEDECO KEY CONTROL v. CONVENTIONAL KEYS
– Conventional keys = 1 layer of security
– Medeco keys = 3 layers of security
• Hybrid attacks
• With key cutting machine
MORTISE, RIM, IC: A Special Form of Attack
HYBRID ATTACK
– Will damage the lock
– Entry in ten seconds
– Millions of Locks affected
“KEYMAIL”: The New Security Threat from Within
• NEW AND DANGEROUS THREAT
• FAILURE OF KEY CONTROL IN m3 and SOME BIAXIAL CYLINDERS
– Duplicate keys easily
• USE OF NEW MULTI-FUNCTION COPIERS
– It scans, copies, prints, and allows the production of MEDECO keys
KEYMAIL: The Premise
• EASILY CAPTURE AN IMAGE OF KEY
• REPLICATE THE KEY IN PLASTIC
• DIFFERENT METHODS TO OPEN LOCKS
– No key control
– Easy to accomplish with access to source key
– Simple technique to replicate any key
MEDECO ACCEPTS PLASTIC!
KEYMAIL: How It Works for Medeco
• ACCESS TO THE TARGET KEY
• CAPTURE AN IMAGE
• PRINT THE IMAGE
• PRODUCE A KEY
• OPEN THE LOCK
MEDECO and KEY CONTROL?
American Express, MasterCard, Visa, Discover, and Diners Club
Don’t leave home without one
What is behind the locked door: Priceless
Go anywhere you want to be
The card that can get you cash
The card is key
CUT A FACSIMILE OF KEY
• KEY REQUIREMENTS FOR MORTISE, RIM, and IC LOCKS
– Vertical bitting only
– No sidebar data
– No slider data
Medeco Key Control?
PLASTIC KEYS: PROCEDURE
• OBTAIN IMAGE OF THE KEY
– Scan, copy, or photograph a Medeco key
– Email and print the image remotely
– Print 1:1 image on paper, label, Shrinky Dinks®
– Trace onto plastic or cut out the key bitting
– Copy with a key machine or by hand
• INSERT KEY INTO PLUG
– Neutralize three layers of security
– Open Mortise, Rim, IC cylinders
ACCESS TO TARGET KEY
• BORROW BRIEFLY
• AUTHORIZED POSSESSION
• USE
• COLLUSION WITH EMPLOYEE WHO HAS ACCESS TO A KEY
CAPTURE AN IMAGE
• COPIER
• TRACE THE KEY
• CELL PHONE CAMERA
• SCANNER / FAX
OBTAIN DATA - COPIER
OBTAIN DATA - SCANNER
OBTAIN DATA - CELL CAM
BLACKBERRY CURVE
RESULTING IMAGE
• REPRODUCE THE IMAGE
– On Paper
– On credit card or plastic card
– On plastic sheet
– On Adhesive Labels
– On Shrinky Dinks® plastic
– On a piece of copper wire
– On a simulated metal key
PRINT IMAGE ON PLASTIC OR PAPER
KEYS FROM PLASTIC CARDS
• OPEN m3 and SOME BIAXIAL LOCKS
• STANDARD KEY MACHINE
– Hybrid attack, vertical bitting only
• MEDECO CUTTER
– Vertical bitting and angles
• CUT BY HAND
– Vertical bitting and angles
• BYPASS SLIDER
– Paper clip or wire
NEUTRALIZE SHEAR LINE
PRODUCE A KEY: Set the Shear Line
SET THE SHEAR LINE
SET THE SHEAR LINE
HYBRID ATTACK: Set the Shear Line, Open the Lock for Mortise, IC, Rim Cylinders
CONVENTIONAL LOCKS: KWIKSET = 1 Layer of Security
KWIKSET PLASTIC KEY
Video Demo:
• Kwikset Plastic Key
HIGH SECURITY KEYS
• MULTIPLE SECURITY LAYERS
– Many cannot be simulated…
Video Demo:
• Medeco Plastic on key Machine
• Medeco Plastic on Door
MEDECO INSECURITY: Protective Measures
FACILITY RESTRICTIONS
– No First Amendment
– No paper clips!
– No credit cards, key cards, hotel room cards
– No Copiers, scanners, cameras
– No scissors or X-Acto knives
– No self-adhesive labels
– No plastic report covers
– No Shrinky-Dinks!
– No printers or Multifunction Devices
– No cell, email or Fax connections to outside world
PART III
Locks, Lies
And Videotape
“Our locks are bump-proof, virtually
bump-proof, and Virtually Resistant”
– We Never claimed our Locks were bump-proof!
– Our deadbolts are secure, no problem!
– We have spent hundreds of hours andcannot replicate any of the Tobias attacks!
MEDECO RECOGNIZES LOCKSPORT: NDE, May 2008
• BASED ON “RESPONSIBLE DISCLOSURE” ABOUT MEDECODER
– Give Medeco time to fix the vulnerability
– Right result, wrong reason
– Not new: 15 year old bypass
– Problem in millions of locks
– Concept not applicable
KNOWN VULNERABILITIES IN MEDECO LOCKS
• RESPONSIBLE DISCLOSURE v. IRRESPONSIBLE NON-DISCLOSURE
– Serious vulnerabilities disclosed to Medeco
– Notice to manufacturer for 18 months
– Failure to disclose to dealers or customers
– Misrepresentation, half truths, misleading advertising and use of language that means nothing
RESPONSIBLE DISCLOSURE: It’s a Two-Way Street
• DISCOVERY OF VULNERABILITY
– Locksport, hacker, security expert disclosure to manufacturers
– Manufacturers to dealers and consumers
• SIGNIFICANT QUESTIONS
– When discovered
– New lock or embedded base
– Number of users affected
– National security issues
RESPONSIBILITIES
• Locksport and hacker responsibility
– Disclose vulnerability in new lock design or upgrade
– What about current locks that are installed?
– Give time to fix? When relevant?
HIGH SECURITY LOCK MANUFACTURERS
• Responsibilities of a high security lock manufacturer are different
– High security is different from a normal manufacturer or corporation
– Protect high value targets, critical infrastructure
• Duties
– Tell the truth
– Disclose security vulnerabilities to customers and dealers
RESPONSIBLE DISCLOSURE: REALITY AND LIABILITY
• WHAT TO DISCLOSE AND TO WHOM
• TWO COMPONENTS
• PUBLIC RIGHT AND NEED TO KNOW
– Security by Obscurity
– Assume the risk: only based upon knowledge
– Bad guys already know
• LOCKS NOT LIKE SOFTWARE
– Notice is only prospective to fix a problem
DISCLOSURE TO MANUFACTURER: Prospective or Retroactive Effect
• PROSPECTIVE IMPLEMENTATION OF FIX BY MANUFACTURER
– Only applies to new locks or new product
– Does not apply to embedded base
– Does not help the consumer unless manufacturer does a recall or field fix
• QUESTION OF LIABILITY AND COST
– Who will pay for retroactive upgrade?
– “Enhancement” to new bypass technique or liability to remedy?
MEDECO: Responsible or Irresponsible Actions?
• WHAT IS THE TRUTH?
– August 4, 2006 press release: “Bump-proof”
– February 2007: retroactively changed the language to “Virtually Bump-proof”
– The Medeco Problem: www.archive.org
• TV, Advertising, DVD, Medeco website
August 2006: Bump Proof
Feb 2007: Virtually Bump Proof
2008: “WE NEVER SAID OUR LOCKS WERE BUMP-PROOF”
• AUGUST 15, 2006
• U.S. Patent and Trademark Office filing by Medeco Security Locks, Inc. lawyer G. Franklin Rothwell, Application 78952460
– Word mark: BUMP PROOF
– Abandoned: February 9, 2007
BUMP PROOF: USPTO FILING FOR THE WORD MARK
ABOUT CLAIMS OF PICKING MEDECO LOCKS
• NOBODY HAS PROVED THEY CAN PICK OUR LOCKS IN 40 YEARS
– False demonstrations, special locks
– They are lying
– We cannot replicate anything
• THE REAL PROBLEM
– They cannot open their own locks
– Failure of imagination
RESPONSIBLE DISCLOSURE BY LOCK MANUFACTURERS
• KNOWLEDGE OF VULNERABILITY
– Known or suspected
– Make responsible notifications
– Let users and dealers assess risks
– Duty to tell the truth
– Duty to fix the problem
MEDECO LOCKS ARE VULNERABLE
• MEDECO KNOWS
– Vulnerability from Bumping, Picking, Key control, Forced Entry techniques
– Should be candid with dealers and users so they understand the potential risks
– Failure to tell the truth = irresponsible non-disclosure
– Dealers and customers have a need and a right to know
VULNERABILITIES: Full Disclosure Required
• SECURITY BY OBSCURITY
– It does not work with Internet
– It is the User’s security
– They have a right to assess their own risks
– Criminals already have information
– Disclosure: benefits outweigh risks
– Liability for failure to disclose
LESSONS LEARNED
• THE MEDECO CASE
– Nothing is impossible
– Corporate arrogance does not work
• HIGH SECURITY LOCK MAKERS
– Engineering, Security, Integrity
– Duty to tell the truth
Thank You!
[email protected]
© 2008 Marc Weber Tobias, Matt Fiddler and Tobias Bluzmanis