While retinal and other biometric scanners are coming into play for some high-security applications, there’s still some ways to go before those are reliable enough for more common use–and so most secured areas rely on the age-old standby of the lock and key. The idea, of course, behind a lock is that it can only be opened by the correct key. As any teenage girl who had a diary with a plastic lock can tell you, though, locks can be picked (I’m looking at you, big sister who broke into my middle school journals). The art of lock picking is about as old as the lock itself.
As technology advances, so does its counterpart; in this case, that means that as security measures have become higher-tech, so have the means to bypass them. With 3D scanning and printing technology becoming not just more precise, but more accessible, those seeking entry into theoretically unpassable areas are increasingly able to simply make their own keys. From learning how locks work for the casually curious to thwarting scanning measures with the Stealth Key that hides its mechanisms internally, 3D technologies allow for a thorough look into locking and lock picking.
While in 2013, MIT students had demonstrated that this technology could be used to duplicate keys that were meant to be non-replicable, they did not release their software, as it was more a study in plausibility than a practical effort. Last year, bump key technology from Jos Weyers and Christian Holler led to a heightened awareness that 3D scanning could lead to accurate recreations of keys that could then be 3D printed, bypassing security measures.
New research coming now out of the University of Michigan takes these concepts and acts on them. Not only has the team developed a way to replicate security keys, but Ben Burgess, Eric Wustrow, and J. Alex Halderman released their findings yesterday in a full paper and a usable app.
Their paper, ‘Replication Prohibited: Attacking Restricted Keyways with 3D Printing,’ provides an in-depth look at the thoughts and theories behind their Keysforge app.
“This website demonstrates a tool that generates a CAD model of a key blank from a single picture of a lock. This model can then be 3D printed cheaply in either plastic or metal from a number of services,” notes the Keysforge site.
“Such a tool can be used to get around restricted keyways, a defense currently employed by locksmiths and designers to prevent a wide range of attacks including bumping, impressioning, privilege escalation, and teleduplication.”
The idea behind the keys that manufacturers offer for high-security applications is that a patented ‘blank’ template will be released to only their clients. Using the Keysforge app, however, all that is needed is an image of the key to be duplicated and a straight-on photograph of the lock it opens; the software does the rest.
Of course, 3D printing offers its own limitations, as most familiar with the technology know. Keys are typically made of metal, and 3D printing metal is still inaccessible for desktop 3D printers. The Keysforge team turned to several different types of 3D printers and materials in their proof-of-concept work.
“To evaluate the viability of using both metal and plastic 3D printed keys in attacks against restricted key systems, we produced several designs of keys, had them printed in several materials, and measured how much torque they could withstand before breaking,” the researchers describe in their paper. “We chose three common keyways: SC1, KW1, and Best G. For each keyway, we created a 3D model using OpenSCAD (a 3D modeling suite), with random cuts on the keys. After prototyping these models using a MakerBot Replicator 2, we contacted a 3D printing service to fabricate them in several materials including nylon plastic, acrylic plastic, alumide plastic, brass, bronze, and stainless steel.”
The team’s findings showed that, somewhat surprisingly, PLA material printed using a desktop MakerBot 3D printer produced a key that held up significantly better than did more costly nylon and acrylic. While the plastics were, unsurprisingly, not exactly ideal for keys, the team had better luck with stainless steel, printed through Shapeways and i.materialise services–though these keys had a tendency to damage the locks. Below is a look at the team’s findings regarding material strength from their paper.
Keysforge is intended to provide information to those in the lock industry, not as a tool for thieves. Just as the FBI and other bureaus focusing on matters of safety and security employ their own hackers set to discover any potential weaknesses in a system, Keysforge is a tool that its makers believe will serve to raise awareness among lock and key manufacturers as well as the general public about “just how inexpensive these attacks are with modern tools. In addition, allowing a larger audience to use the tool may help defenders discover particular features of keyways that make them difficult to produce with this method, further assisting lock designers that want to defend against this technology.”
Research from Keysforge was published in the Proceedings of the 9th USENIX Workshop on Offensive Technologies (WOOT), August 2015, and will be presented next week in an in-depth presentation at WOOT ’15 in Washington, D.C. The team provides the source code on GitHub. Let us know your thoughts on the latest in key security in the 3D Printed Keysforge forum thread over at 3DPB.com.
You May Also Like
3D Printing Webinar and Event Roundup: October 24, 2021
It’s another busy week of events and roundups, covering topics from dispensing and medical applications to AM risk assessment, software, and much more. Read on for all the details! ViscoTec’s...
2021 Formnext Start-Up Challenge & AM Ventures Impact Award Winners Announced
While the physical event was canceled last year due to the COVID-19 pandemic, Formnext is back live and in-person this year, November16-19, albeit with some very specific rules for attendance....
Hexagon & Stratasys Announce Partnership to Integrate Digimat Software with ULTEM 9805
One of the world’s most prominent intelligent manufacturing software firms, Hexagon Manufacturing Intelligence, has announced a new partnership with Stratasys, an industry leader in producing 3D printers and solutions for...
RAPID + TCT 2021 Day 2: 3D Printing with Inkbit, Farsoon, AON3D, & Raise3D
At the recent RAPID + TCT 2021 in Chicago, I had the opportunity to attend keynote presentations, interview several industry companies, watch an awards ceremony, and walk the show floor....
View our broad assortment of in house and third party products.