Forgot your password?
typodupeerror
Science Technology

Optical Lock Foils Thieves 156

Posted by michael
from the light-reading dept.
opticsorg writes "A UK inventor has come up with a way to make what is thought to be an unpickable lock. The Optilock contains a bundle of up to six input optical fibers on one side of the lock barrel and a corresponding number of fibers on the other side. When a special key is inserted into the lock, it connects the fibers in a unique routing pattern opening the lock in a fraction of a second. Light then flows around the circuit until the key is removed and the circuit is broken."
This discussion has been archived. No new comments can be posted.

Optical Lock Foils Thieves

Comments Filter:
  • Unpickable? (Score:5, Insightful)

    by climberkid (712298) on Friday February 27, 2004 @04:30PM (#8411893)
    Accually saying that this is an "unpickable" lock is risky. I mean, look at the efforts by the RIAA to prevent P2P, or the anti-burning CD's with the corrupt files that crash computers, someone fixed that with a sharpie. I think that making statements like that is seriously underestimating human potential.
  • Not unpickable (Score:5, Insightful)

    by SandSpider (60727) on Friday February 27, 2004 @04:31PM (#8411896) Homepage Journal
    This is obvious, but the lock isn't unpickable, it's just going to take a while before people figure out how to pick it, and it'll raise the bar on tools needed for picking at most.

    Also, while this will be handy for places with cement walls and thick steel doors, places with windows and weak door frames will still be vulnerable. Plus, of course, the social engineering attacks.

    That being said, I'm a big fan of new, shiny locks, so hooray for the people who made it.

    =Brian
    • by dman123 (115218) on Friday February 27, 2004 @04:47PM (#8412038) Journal
      Not only will it take a while for people to learn how to pick it, it will take a while for the lock to even exist...

      Quoting the article... "At the moment, the lock is a computer model. This money will allow us to see how these ideas will work and what the devices will actually look like."

      Maybe it will be one of those situations where the lockpicks are invented before the vulnerability is found and fixed by the Microsoft, I mean, the manufacturer.

    • Semantic Issues (Score:4, Insightful)

      by fm6 (162816) on Friday February 27, 2004 @05:05PM (#8412227) Homepage Journal
      My first thought was that Jeremy Rice didn't use the U-Word, but that the reporter grabbed it as convenient journalese. (I have other issues with the reporter's use of language -- see below.) But all the news reports [google.com] seem to be saying "Unpickable", which can only mean this is an actual claim. Perhaps "pick" in this context refers to the specific technique for physically probing the tumblers of a lock, not just a synonym for "disable".

      It's all pretty moot anyway. Spies pick locks, but most of us are more concerned about more prosaic intruders. Who don't waste their time with picks -- they smash or jimmy.

      What was my other semantic issue? Oh yeah, "failsafe". Come on people. if you mean "foolproof," say that. I'd like to see "failsafe" preserved for its original [electroid.com] meaning [imdb.com], though my hopes are dimming!

      • My first thought was that Jeremy Rice didn't use the U-Word, but that the reporter grabbed it as convenient journalese. (I have other issues with the reporter's use of language -- see below.) But all the news reports seem to be saying "Unpickable", which can only mean this is an actual claim.

        A lesson in modern media; 90% of the reports on a given topic are copies of each other. What you have found is not a clue to an actual claim, but a reminder that being widely reported no more creates facts than does

        • You may be right about the media all copying each other (I've certainly seen it happen before) but I'm not convinced in this case. The evidence is ambiguous either way. If we wanted to get really rigorous (on Slashdot? snicker) we'd want a direct quote from Rice.
    • Re:Not unpickable (Score:4, Interesting)

      by ivern76 (665227) on Friday February 27, 2004 @05:23PM (#8412383)

      If the description is correct, and light flows "in a circuit", then picking it is trivial as long as you have a key that can route light in a programmatic way.

      See, what you have is the number of possible ways to match N fibers with N fibers. It's easy to see that the total number of locks is N!. However, the requisite that light flow in a circuit makes it so you can follow the loop. Figure out which of your switches on side A is getting light, route it to all fibers on side B until one of them makes a different fiber emit light, rinse, repeat. Having some fibers be decoys or having multiple light sources doesn't make this more complex at all (as long as you have a constant number of light sources.) As you can probably figure out, the worst case number of locks is now N + (N-1) + ... + 1, which is N * (N - 1) / 2. Not a whole lot of locks, and definitely something a machine can brute-force.

      Of course, this brute force approach can be denied by locking the door permanently if too many 'wrong keys' are inserted. A better approach would be to ditch the 'circuit' idea altogether and just use N light sources with random matching.

      I didn't have time to thoroughly read the original article, so maybe I'm just stating the obvious.

      • Re:Not unpickable (Score:3, Insightful)

        by DerekLyons (302214)

        I didn't have time to thoroughly read the original article, so maybe I'm just stating the obvious.

        No. You are missing the obvious; This isn't something a machine can force, as the lock is a physical thing located in a definite position. This isn't a DES key that you can let the software run overnight while you play Quake. Your 'machine' would have to be attached to the lock for hours while it tried combination after combination. (Your problems are not much easier if you have the key itself. It's stil

        • Your problems are not much easier if you have the key itself. It's still a physical object that only one machine at a time can work on, and during the hours it will take...

          ???

          Scanning a key could be done in a single second if you have a scanner pre-built, and could be done by hand in well under a minute. There's nothing to "brute force" about a key. You just map out the location of the fiber end points and shine a laser pointer at them to see how they pair up.

          As for picking the lock, I really hope the l
          • Scanning a key could be done in a single second if you have a scanner pre-built, and could be done by hand in well under a minute. There's nothing to "brute force" about a key. You just map out the location of the fiber end points and shine a laser pointer at them to see how they pair up.

            Ok... A key the size of my car key can have 60 points per side easily. That means a medium sophisticated mechanical assembly to scan them, and over 60! possible combinations to scan. (Matching a photocell and a laser to

            • Re:Not unpickable (Score:3, Insightful)

              by Alsee (515537)
              Unfortunately the article gave very little detail. We're stumbling around blind.

              A key the size of my car key can have 60 points per side easily.

              Scanning a key is generally a constant-factor task, or at worst linear in the number of fibers. More points really only makes the lock (hopefully) secure against brute force attacks.

              assembly to scan them

              A video camera with two mirrors to catch a 360-degree view of the key. Perhaps use curved mirrors for magnification. The most complicated part is simply swee
            • That means a medium sophisticated mechanical assembly to scan them, and over 60! possible combinations to scan.

              You don't "get" the problem...

              If it unlocks based on a set of side-2 elements detecting a signal, you need only flood all of side-2 with the output of the active fiber on side-1. That corresponds to an O(1) operation.

              In the worst case, where significantly lossy transmission matters, you still only need to perform (N+(N-1)+(N-2)+...+1) possible checks, which does not equal N!, but rather, N(
              • You don't "get" the problem...

                Quite the opposite. I *do* get the problem, because I look beyond the numbers to the actual engineering. (I know, I know. It's heresy on slashdot to use actual facts.)

                If it unlocks based on a set of side-2 elements detecting a signal, you need only flood all of side-2 with the output of the active fiber on side-1. That corresponds to an O(1) operation.

                *If* it behaves that way, which I find highly unlikely given the author describes the key as having a '3-d' structure.

                In

    • personally, i would think it would make it easier on lock pickers.

      instead of having to make complicated mechanical devices, you could make a led based device. like they say, it can open in a fraction of a second...meaning much less time needed between changing the key configuration.

      although, they could create some smart system that would "lock you out" after so many invalid attempts.

      I do see what they mean unpickable...it is. You can't pick it a mechanical way (assuming they build it riht). But, it is st
  • Unpickable, huh? (Score:2, Insightful)

    by Saganaga (167162)
    Calling a lock "unpickable" seems presumptuous at best. Doesn't history show that there never has been and never will be a "final solution" to security?
    • Re:Unpickable, huh? (Score:4, Interesting)

      by Smidge204 (605297) on Friday February 27, 2004 @04:44PM (#8412010) Journal
      Honest question: Has anyone ever defeated a timelock?

      Obviously not the perfect solution, because it still opens at predictable intervals, but since there is *no* access to the lock itself from outside the vault, it certaintly can't be picked...
      =Smidge=
      • ...Unless you figure out a way to change the time. Which probably isn't trivial, but I would imagine not impossible. I mean there has to be a way to ensure the accuracy of the clock - compromise that system and you're golden. There must also be an override somewhere, or an alternate means of entry aside from the lock - just in case of power failure. Then there is of course the well placed block of C4 - that should do it.

        It would be difficult to imagine a system that isn't both useful and circumventable.
        • Re:Unpickable, huh? (Score:5, Interesting)

          by Anonymous Coward on Friday February 27, 2004 @05:16PM (#8412328)
          It is entirely possible that there *is not* an override. I used to work in a bank, and part of my responsibilities were to lock up the main safe at night. It was time-locked, and once the lock was set there was *no* way to get that safe back open again until they unlocked. The entire mechanism was mechanical - there was no electricity to cut. The internal clocks had to be wound everyday. This was so much of a concern that :

          1. We had to physically check and make sure that no-one was in the vault (stray teller, somebody left their kid, etc) before we closed it.

          2. There was an O2 tank & mask in the vault in case someone *did* get locked in.

          3. Be really, really careful at setting the timers correctly because if it wasn't open in time for the next business day, we were screwed (no, this wasn't a three-day weekend...)

          • What happens if you forget to wind your watch^Wtimelock? Does it fail open? I'm sorta seeing it something that unlocks when time runs out, so there's no concern of not having it wound enough to unlock?
            • Re:Unpickable, huh? (Score:3, Informative)

              by rusty0101 (565565)
              The stories I have heard are that the lock does not engage until the clock is wound up, and the act of it winding down is what unlocks the clock.

              Most time locks can only be set a maximum of three of four days.

              However I am no expert on timelocks, and accept that I very well may be wrong.

              -Rusty
          • The entire mechanism was mechanical
            This means that there was a springwheel or pendulum keeping time.
            All you have to do to "pick" this kind of lock is to pick up the entire vault and rotate/move it back and forth at a particular frequency.
            The action will speed up, and the time lock will open early.
            Yes, I know that rotating/moving a large built-in vault can present a bit of a problem, but theoretically, it's possible.
        • ...Unless you figure out a way to change the time.

          Yeah, MacGyver did that all the time.


      • Well, there's the old issue of reciprocity: if nobody knows the [jewels] have been taken from the (time-locked) safe, there's a fixed (and known) period of time for thieves to use the cover. this has been built into many a movie plot.

        so then the issue isn't the lock itself, it's the people surround it during the open time period. once that is comprimised, the lock serves no purpose.

  • Electronics (Score:4, Insightful)

    by aridhol (112307) <ka_lac@hotmail.com> on Friday February 27, 2004 @04:31PM (#8411903) Homepage Journal
    According to the article:
    Most locks are picked by [...] bypassing some sort of electronic control system. Rice's idea removes these vulnerable components.
    Won't there need to be an electronic control system that determines when you have the correct light pattern? Just bypass (or hack) the light-detection system, and you're in.
    • The assumption is that the electronics are behind the locked door. I suppose if that isn't explicitly stated in the patent then implementers are on their own... But would you buy a vault where the lock was on the outside?
    • If you can break into the lock to hack it, you can probably just as well remove said lock and open the door anyway :)

    • Re:Electronics (Score:3, Informative)

      by DerekLyons (302214)
      Won't there need to be an electronic control system that determines when you have the correct light pattern? Just bypass (or hack) the light-detection system, and you're in.
      Protection of those control systems is a long solved problem for time- and other electronic locks. You put the control system *inside* the guarded volume, where bypassing/hacking them requires that you get inside the gaurded volume... Which you can't do unless you've already bypassed/hacked them.
  • by 4of11 (714557) on Friday February 27, 2004 @04:33PM (#8411911)
    But if they did pick it, at least they wouldn't be circumventing copyright restrictions. Because that would be terrible.
    /obligatory slashdot DMCA reference
  • by BigZaphod (12942) on Friday February 27, 2004 @04:33PM (#8411914) Homepage
    I guess I'm going to have to find someone selling tiny little prisms now so I can build myself a new lock-pick set...
  • by Spudley (171066) on Friday February 27, 2004 @04:34PM (#8411923) Homepage Journal
    It may be unpickable, but using fibre-optics means it requires a power supply, which means it is still vunerable.

    Many locking mechanisms require power, and if the power fails, there are only two possibilities: either it will be locked shut and unopenable, or it will have a fail-safe mechanism to unlock automatically if the power fails.

    Either way, it leaves itself open to anyone who wants to cause trouble.

    In any case, any door that people will be behind will necessitate the latter, as otherwise they could get locked in during a fire, which means that anyone wanting to gain access only needs to cut the power and they're in.
    • by aridhol (112307) <ka_lac@hotmail.com> on Friday February 27, 2004 @04:38PM (#8411953) Homepage Journal
      In any case, any door that people will be behind will necessitate the latter, as otherwise they could get locked in during a fire,
      Not necessarily. There could be a physical override on the inside that directly manipulates the latch. This allows an exit, even if the door is locked.
      • And does nothing for you if you need to get in.
        • Well, it adds one more point of attack for those who want to get in. Possible ways to get around this:
          • Use some way to operate this override from outside (eg. minimal invasive handling).
          • Smuggle something or somebody inside to simply open door.
          • Use good old extortion (eg. a hostage) to force somebody from inside to open.
    • by pagercam2 (533686) on Friday February 27, 2004 @04:47PM (#8412034)
      This isn't true the only lock currently approved for DoD Spin locks is self powered it uses a LCD that indicated the current number being pointed to rather than a marked dial. You have to spin the lock a few time to generate enough power for it to work and then you dial in the combination. Batteries are a big no no in any sort of lock. If people are behind the door a mechanical override is given, the deadbolt or other locking mechanism is mechanical and as long as all mechanical items are internal it is allowed. The old drill throigh the locking bars is always a possibility but as with encyption its no really unbreakable just unbreakable in a reasonable period of time.
    • > Many locking mechanisms require power, and if the power fails, there are only two possibilities: either it will be locked shut and unopenable, or it will have a fail-safe mechanism to unlock automatically if the power fails.

      From the article, "The first Optilocks have been designed for the automotive industry."

      There are some automotive locks that already use power from the car's battery, so that's not a huge consideration.

    • Exit signs are powered by radioactive Cadmium. They last ~20 years. The level of radiation is low enough that they are safe for preschools!

      I think it would be trivial to build a lock mechanism with an embedded radioactive power supply and a lead shield (would need more Amps to flip a solenoid than illuminate a sign, hence more radiation).

      • by Captain Nitpick (16515) on Friday February 27, 2004 @08:46PM (#8413792)
        Exit signs are powered by radioactive Cadmium. They last ~20 years. The level of radiation is low enough that they are safe for preschools!

        No, they're powered by a chemical Nickel Cadmium (NiCad) battery.

        Getting a building built is hard enough without making yourself fall under NRC jurisdiction because you installed an RTG.

        There are tritium-based emergency exit signs, but they are more expensive than battery-backed signs, and are typically only used in aircraft, or where power is unavailable.

  • by xmple (704367)
    idea to "pick" the lock: use a flashlight, and shine it trough the keyhole...
    • Re:key of light (Score:3, Insightful)

      by El (94934)
      Well, no. They obviously send a unique pulse pattern down each fiber, otherwise they could not determine which was routed where. So while you could proably disable the photocells by flooding them with light, you couldn't get them to register the correct pattern.
  • by Anonymous Coward on Friday February 27, 2004 @04:35PM (#8411928)
    Certainly if you have a key you can replicate that key, for one. Secondly, can a master key be made that just shines takes light from one side and shines it down all the other holes ? What about one that is configurable, and can try different mappings quickly ?

    Basically, this is no more unpickable than a card-swipe.

    Finally, electric locks have a limited market, which is well saturated with card-swipe and PIN punch products.
    • can a master key be made that just shines takes light from one side and shines it down all the other holes ?

      Easily avoided by putting a signal out each pin and checking for the same signal on the receiving side.

      What about one that is configurable, and can try different mappings quickly ?

      Easy to defend against, since it's an electronic lock it can detect brute force attacks easily and shutdown the system. If there are 1000000 possible combinations, all you need to do is have it shutdown for 1 minute a
    • by Anonymous Coward
      This assumes that the light is only transfered unaltered - the Key could just as easily filter, phase shift, combine or otherwise alter the light so that it is not an easy process to replicate.
  • by mugnyte (203225) * on Friday February 27, 2004 @04:39PM (#8411968) Journal
    picking a lock is just one part of a problem : the other is securing the key. in a bar, one could theoretically press a key into a mold for later duplication (old trick and not very efficient).

    however, with an optical key, one merely has to carry around a recepticle that, in turn, flashes a beam through the key's inputs, and record the appropriate output. nothing physical needs to be made. in today's terms, i call in the sequence to a buddy who then lays fiber into a template and uses it. meanwhile, i engage conversation on target, reporting when she's left.

    cars? are you kidding? these are even easier, merely get a job as a valet and start your database. since it's all just digital information, you have access to VIN and lock solution, license plate number and home town/state (if not entire address, since most people's cars have it somewhere - like the insurance docs). these databases could be traded online just like anything else.

    while i think this is very interesting, it still is no substitute for bio-based locks. however, they have their own problems (seem like every part of the body can be captured/duplicated).
    • Learn some Optics (Score:2, Interesting)

      by hd883r (757253)
      You must understand optics to grasp the beauty of this lock.

      First, it is very difficult to couple light into a fiber. Any copy would have to be made with each fiber being perfectly aligned in at least five and possibly six axes. This would be virtually impossible.

      In addition, the difficulty in coupling into a fiber would make it impossible to simply shine light in and get a response.

      Optical systems offer many additional degrees of freedom including wavelegength, phase, polarization, and intensity.

      Fibe
    • bio-based locks. however, they have their own problems (seem like every part of the body can be captured/duplicated)

      ... or cut off. Chuckle.

      -

  • Brute Force? (Score:2, Interesting)

    by gphat (5647)
    Disregarding the obvious flaws such as hinges, weak door frames, and a power source, wouldn't this just open the thing up to being brute forced?

    Assuming you could build something small enough to enter the slot and dynamically rearrange the light (the article says it's a 3d pattern?), or hell, pipe the light out of the slot and pipe it back in after reconfiguring it, it would be open to a brute force method of attack.

    Perhaps they've got some type of check for this built in. Either way, making something as
    • Re:Brute Force? (Score:3, Interesting)

      by hey! (33014)
      Not sure on the exact method this guy is using, but it's not a simple binary pattern; otherwise the six sensor lock would only have 64 combinations, all of which could be tried in a few seconds.

      He claims, however, that there are billions of combinations. Suppose you could check a hundred combinations a second, it would take you 115 days max to try every combination, 57 days on average to crack. This is probably enough security for most applications, since in most applications the lock only has to taken lo
    • Thats exactly what I was thinking. It unlocks in a fraction of a second so you could try codes very quickly. If it inserted an artificial 1 second delay, it would make brute forceing it much more difficult. Fools could take a cue from login.
  • by JMZero (449047)
    This lock requires electricity and an electrical control. If you're going to require electricity, why not use a smart-card-esque key? You get all the benefits of this - plus a whole bunch more control/flexibility and likely less overall cost.

    Most locks are picked by tweaking a series of levers in the lock or bypassing some sort of electronic control system.

    There will be an electronic control system here, just like any other electronic system. The actual physical lock is still going to be actuated by
  • The act of picking a lock is to obtain access in an unorthodox way. I suppose one could pick a lock with a stick of dynamite.

    Of course the other issue is that it uses light... Light implies electric. Electric locks may not be a "Good Thing" (TM) when your power goes out, or the batteries run down. What if water gets inside? If it's unpickable, then how do you open it in emergency situations when the power goes out?

    Perhaps it should read: "Interesting Nift-value Lock" and come with a stick of dynamite in

    • No, the act of picking a log is to open the lock without the key/combination/code/whatever normally opens the lock and without damaging the lock.
      If you blow the door off a safe you haven't picked the lock, you've bypassed it.
  • Let's look at the key.

    Take the example of "6" inputs on the lock and the key:

    A B C D E F

    In order for it to "complete" a circuit (or circuits), you have to "connect" certain inputs together to sort of "loop" the light back to the lock and complete the circuit.

    For instance:

    A-B C-D E-F

    That's three "loops", lets call them.

    There are 30 possible combinations for the first
    loop.

    There are then 12 combinations for the second loop,

    and the third, no combination -- there's only one choice.

    A total of 360 combinations, give or take. You could easily make a device to mimic every possible circuit very easily. Breaking the lock would take seconds.

    Now let's look at the lock.

    Assuming the light source exists in the lock, you would be able to tell immediately which inputs send light *to* the key, and which return light *from* the key. With a simple LED, you could easily "light up" the return paths, to see which loops they connect to. Armed with this information, it's easy to find the remaining possibly valid combinations, and try them.

    I'm telling you, this lock could be picked with near lightning speed.

    No, you would need to include some sort of electronic timing component -- preferrably in the key -- to initiate *pulses* of light, rather than a steady stream. In which case, the path of the light is basically irrelevany -- it's the timing of the light pulse that would act as the key. More secure (but not pick-proof.) and less complicated.

    Or you could do something fancy with prisms or whatnot to split the red-green-blue portion of a white/colored light into different light paths, but, again, it's overkill, and still not very secure.
    • Factorials grow fast. Your supposed 6 input key may not have many combinations, but what of a 20 input key, which should be very feasible? 2,432,902,008,176,640,000 combinations is much more difficult to crack.

      (And that's assuming one input can't go to multiple outputs; some degree of fan-out is probably possible, which can make it grow even faster.)

      Still, I'd lean more towards saying that a dynamic key system, like many car remote locks use, is more intrinsically secure.
      • Yes, and there are other factors that multiply the number of possible combinations. For example, having the key modify the light in some way, having the fiber positions be variable, having the length of the light path within the key measurable (a coil of fiber to create propogation delay of the right amount). A good key, even with only 6 inputs, can have billions and billions of combinations just by adding in other factors besides on and off.
      • Make it a 30 fiber system. Make it so 6 of those fibers must remain dark. Make 3 of them issue light, but one of those 3 issues a wavelength that tells the lock NOT to open, but you don't know which one. Add a light signal issuing from the key itself. Make the chain length vary between any combination 3,4,5, and 6 fibers chains. Now distribute the fibers around the barrel in a non-uniform, non-standard distribution.

        These are not very hard to add to such a lock, but they make the math even harder. And they
    • Well, it can be simple to fix those flaws. First of all it could randomly turn the lights on and off (or always turn light 1 on and check, then 2, etc.) so that EVERY light would come on at some point during EVERY check of a key. This way you couldn't tell which ones were input or output based on your idea.

      Second, since each of the six spots would require a photo emitter and a photo reciever, you could make it so each element has it's own fiberoptic cable. This would let 1 connect to 2, two connect to 3, e

  • by HotNeedleOfInquiry (598897) on Friday February 27, 2004 @04:50PM (#8412059)
    There's hundreds of them out there, but only a few practical ones in widespread use. I predict that this one is too expensive for general use. There are already several locks that are exceedingly difficult to pick or create an unauthorized copy. Medico for example. Very difficult to pick and very tight control over blanks.

  • Unpickable? (Score:4, Insightful)

    by El (94934) on Friday February 27, 2004 @04:53PM (#8412083)
    With 6 optical fibers, aren't there only 6! or 720 possible different "routing patterns"? How hard would it be to construct an electro-optical devices that would simply run through all 720 patterns until one worked? And no, you can't disable the device for a fixed time when it gets a misroute, because it is obviously going to misroute while someone is inserting the key... and someone like me who has two almost identical keys on their keychain is going to get really pissed off when they insert the wrong one. Finally... haven't we learned by now that replacing a simple mechanical device with an electro-optical-mechanical device greatly increases your failure modes?
    • by NickFusion (456530) on Friday February 27, 2004 @06:02PM (#8412696) Homepage
      Otherwise you might stumble across this information:

      Rice says that the only way someone could pick the lock is to duplicate the key. "You could potentially have as many different points as you want on the lock barrel as inputs and outputs," he explained. "Because it is a 3D pathway you are dealing with, you have potentially billions or trillions of combinations depending on how the lock is made. The probability of duplicating the path is very small."

      That said, a lot of these fancy locks seem like overkill, especially since in very high security systems, you'd tend to want some kind of human oversight in the loop.
      • you have potentially billions or trillions of combinations depending on how the lock is made not with only 6 inputs. My point was that the number of combinations is equal to the factorial of the number of inputs. So with 16 inputs, yes you would have 20,922,789,888,000 different combinations. But 6 inputs only gives you 720 different combinations, which is not enough IMHO.
        • by Baron_Yam (643147) on Friday February 27, 2004 @08:22PM (#8413671)
          Without RTFA, I think I can explain why 6 inputs can create more than 720 combinations...

          You're counting the possible pathways. You've forgotten to count the positionings! Two keys with the same routing pattern with only one input off by a fraction of a millimeter would not open the same lock.
        • But 6 inputs only gives you 720 different combinations, which is not enough IMHO.

          This is only true if you have 6 fixed-position outputs as well.

          The number of outputs is likely to be the same as the number of inputs, but nothing says their position has to be the same from one key/lock to the next.

          • But then again, I could be wrong. No, you're correct. Whereas finding where the light inputs to the key should be would be trivial (it's where the light is shining, duh!), finding where the outputs should be is non-trivial. It would require advanced optical recognition to be able to distinguish the opening for the detector from the wall of the keyhole. One could even position "dummy" outputs that would be indistinguishable from the real ones. This would give you many more effective combinations, limited onl
        • I stand corrected. The more general case with m input positions and n possible output positions is n!/m! different combinations, if I remember my Probability and Statistics class correctly. So 6 inputs IS enough provided there are more than 6 possible output positions.
  • by sig (9968) on Friday February 27, 2004 @05:01PM (#8412186) Homepage
    I have seen locks based on this routing idea before, although using electrical connections rather than optical ones. The one saw had 16 paths, which is much more secure, as the number of unique keys is the number of paths factorial. 6! is only 720 keys, which you could imagine having a sack of and trying each one in a matter of minutes. 16 paths gives you 20 Trillion unique keys, which is going to be one freaking heavy sack. Also, optical fibers are very fragile in real world environments, where as electrical connections can jingle jangle in your pocket all day long and still be functional. I'd give this high marks for "cool" but not for "useful."
    • electrical connections can jingle jangle in your pocket all day long and still be functional.

      Until they corrode. You've obviously never lived near the ocean.
      • Until they corrode. You've obviously never lived near the ocean.

        Gold doesn't corrode.
        • Gold doesn't corrode. Yes, but imagine how pissed off you'll be when you lose one of you $300 keys!

          Actually, optical fibers wouldn't work very well either (the ends are subject to getting scratched and becoming non-transmissive.) Perhaps one would be better off with tunnels and mirrors... those would only be subject to filling up with pocket lint.

  • External Power? (Score:2, Insightful)

    I'm intrigued how many solutions exist to all these counter examples. Why not have the ability to supply power from a external source to the locking system in event of power failure. The input path can be via optical or electric with the usual array of filtering mechanisms and barriers so that the lock circuitry can't be fried by malicious intent. Another thing is that it could have a lock system that is in fact powered like a radiometer by light to enable the throw of the mechanical bolt to be released. A
    • Why not have the ability to supply power from a external source to the locking system in event of power failure.

      Y'know, after the examples I read earlier about car batteries dying because of this technology, the need to have it hooked up to a power source and what happens in the event of an emergency (I think this is something i'd have on a UPS, at least.) one person's tumbler lock idea intrigued me. They stated that it was a digital tumbler lock which powered itself up by spinning the tumbler, why not d
  • Sneakers (Score:5, Funny)

    by CyberVenom (697959) on Friday February 27, 2004 @05:26PM (#8412405)
    Do any of you remember the old (and surprisingly realistic compared to newer crap) hacker movie "Sneakers"? When they are trying to break into the office to steal the chip, Redford comes to a door with an electronic lock. After getting an earful of explanation (which we don't hear) from his partner back in the van about how the military deals with that kind of lock, he agrees to try a new lockpicking method. He kicks the door, and the bolt pops out of the doorjam...
  • by heldlikesound (132717) on Friday February 27, 2004 @05:29PM (#8412427) Homepage
    "Optical sledgehammer opens optical lock."
  • Not novel. (Score:3, Interesting)

    by muonzoo (106581) on Friday February 27, 2004 @05:37PM (#8412498) Homepage
    There have been much higher security versions of these things. Sandia Labs developed a seal technology around fiber bundles and routing.
    There are even commercial devices [canberra.com] based on this today.
  • by HTH NE1 (675604) on Friday February 27, 2004 @05:54PM (#8412625)
    Sometimes the point is not to gain entry but rather to prevent the legitimate owner from gaining entry. E.g. disabling the lock to the gun safe before breaking into a house. Denying access to key sensitive legal documents before a filing deadline. Delaying access to important medical supplies such as heart attack medicine, inhalers, and insulin.

    And of course, situations where applying brute force to break the lock would be counterproductive (i.e. destroy the materials you're attempting to retrieve).

    But then nowadays, all you have to do is make the lock electronic and cryptographic. Even if all the electronics only control a shackle made of wax, you've got the power of the DMCA already.
  • by mrmeval (662166) <mrmeval@gm a i l . com> on Friday February 27, 2004 @06:10PM (#8412755) Journal
    I've seen a card [findarticles.com] with holes punched in it used at motor carrier fleet refueling stations. The reader is optical and these heavy plastic credit-card sized cards bear a suspicious resemblence to these cards [fourmilab.ch] right down to the square holes.
  • by 7-Vodka (195504) on Friday February 27, 2004 @06:14PM (#8412785) Journal
    Why not use the public/private key model. Have the lock generate a message encrypted with the physical key's private crypt key, then have they physical key decode it and retransmit to the lock...
  • by macemoneta (154740) on Friday February 27, 2004 @06:31PM (#8412892) Homepage
    You folks are thinking too hard. You need a low tech solution, that a burglar with a third grade education would use. :-)

    Just put a little graphite-oil (used in regular locks) in the optical lock. Then, when the owner tears it out because it doesn't work (optical paths obscured by the graphite), the burglars can go back to business as usual.

  • by itwerx (165526) <itwerx@gmail.com> on Friday February 27, 2004 @07:13PM (#8413233) Homepage
    Not that the pick exists yet of course, but the simple fact that it uses light routes makes it pickable.
    Since the light needs transceivers on either end and a physical interface in between for the key all you need to do is make a key with its own transceivers instead of simple light pipes (you'd probably have light-pipes out to an external device which would house a computer "brain" and the transceivers).
    So you simply put the key in (or connect it or whatever the physical interface is) and let the computer start routing the inputs to different combinations of outputs.
    It would be like the brute-force picker that Medeco has for their locks only maybe a lot faster!
    However, having designed a pick, I can also think of half a dozen ways to slow it down enough to make it unuseable. :)
    (If they're smart enough to figure out how to email me maybe I'll even tell them. :)
  • ok, not having got much info from the article, there seems to be a probelm with this design. i'm making one possibly false assumtion, that there is a standard design for teh key and it is the light routing that changes. if so, it seems that it would be possible to make a device that is shaped like a key, but with a small computer attached that changes the routes, and that could try millions of combinations a second. i guess you could foil this attack by requiring the light to flow through for a predeterm
  • Sorry if this is redundant, but finding prior art took 5 minutes and looking for redundant findings of prior art posted in /. posts would take at least 5.1 minutes:

    United States Patent 4,449,126; [uspto.gov]
    Pekker; May 15, 1984; Electronic lock device and optical key therefor

    Hmm. Prior art and, given its age, public domain.

CCI Power 6/40: one board, a megabyte of cache, and an attitude...

Working...