logo
allArticlesConferencesPresentations

Duplicating Restricted Mechanical Keys

Conference:  Defcon 27

2019-08-01

Summary

The presentation discusses various techniques to bypass locks and keys, and suggests remediation strategies to improve security.
  • Various techniques to bypass locks and keys were demonstrated, including bumping, impressioning, and decoding.
  • Remediation strategies to improve security include using mastered or sectional keyways, adding delays and motion sensors, and conducting forensics to detect tampering.
  • Locks and keys are still effective security measures, but should not be relied on as the sole means of protection.
  • Security should be airtight and robust, even if a master key is lost.
  • Forensics can be used to detect tampering and identify the specific technique used.
The presenter describes a scenario where an intruder attempts to steal the key to the city from Toronto City Hall. The security system includes motion sensors and guards, as well as delays and obstacles to slow down the intruder. This illustrates the importance of creating a robust security system that can withstand various techniques of bypassing locks and keys.

Abstract

Secure facilities in North America use lock systems like Medeco, Abloy, Assa and Mul-T-Lock partly to resist lock picking, but also to prevent the duplication and creation of unauthorised keys. Places such as the White House and the Canadian Parliament buildings go so far as to use a key profile exclusive to that facility to ensure that no-one is able to obtain key blanks on which to make a copy. However, there are tens of thousands of unrestricted key blank profiles in existence - many match very closely to these restricted key blanks, and can be used instead of the real blanks to cut keys on. Moreover, keys are just pieces of metal - we will present numerous practical techniques to create restricted keys without authorisation - including new attacks on Medeco, Mul-T-Lock and Abloy key control systems. We will touch on all aspects of key control, including patents and interactive elements, and discuss how to defeat them and how facility managers can fight back against these attacks.
Materials:
Tags:

Post a comment

Related work

Please do not Duplicate: Attacking the Knox Box and Other Keyed Alike Systems

Conference:  Defcon 26
Authors:
2018-08-01

Exploiting Key Space Vulnerabilities in the Physical World

Conference:  Defcon 28
Authors:
2020-08-01

A Hole in the Tube: Uncovering Vulnerabilities in Critical Infrastructure of Healthcare Facilities

Conference:  BlackHat USA 2021
Authors:
2021-08-04

Perimeter Breached! Hacking an Access Control System

Conference:  Black Hat USA 2022
Authors:
2022-08-11

Remote Timing Attacks on TPMs, AKA TPM-Fail

Conference:  BlackHat USA 2020
Authors:
2020-08-06

MFA-ing the Un-MFA-ble: Protecting Auth Systems' Core Secrets

Conference:  BlackHat USA 2021
Authors:
2021-08-04