Optical Lock Foils Thieves 156
opticsorg writes "A UK inventor has come up with a way to make what is thought to be an unpickable lock. The Optilock contains a bundle of up to six input optical fibers on one side of the lock barrel and a corresponding number of fibers on the other side. When a special key is inserted into the lock, it connects the fibers in a unique routing pattern opening the lock in a fraction of a second. Light then flows around the circuit until the key is removed and the circuit is broken."
Unpickable? (Score:5, Insightful)
Not unpickable (Score:5, Insightful)
Also, while this will be handy for places with cement walls and thick steel doors, places with windows and weak door frames will still be vulnerable. Plus, of course, the social engineering attacks.
That being said, I'm a big fan of new, shiny locks, so hooray for the people who made it.
=Brian
Unpickable, huh? (Score:2, Insightful)
Electronics (Score:4, Insightful)
Probably not unpickable (Score:3, Insightful)
Basically, this is no more unpickable than a card-swipe.
Finally, electric locks have a limited market, which is well saturated with card-swipe and PIN punch products.
Re:But it requires a power supply. (Score:4, Insightful)
same problem as existing locks (Score:5, Insightful)
however, with an optical key, one merely has to carry around a recepticle that, in turn, flashes a beam through the key's inputs, and record the appropriate output. nothing physical needs to be made. in today's terms, i call in the sequence to a buddy who then lays fiber into a template and uses it. meanwhile, i engage conversation on target, reporting when she's left.
cars? are you kidding? these are even easier, merely get a job as a valet and start your database. since it's all just digital information, you have access to VIN and lock solution, license plate number and home town/state (if not entire address, since most people's cars have it somewhere - like the insurance docs). these databases could be traded online just like anything else.
while i think this is very interesting, it still is no substitute for bio-based locks. however, they have their own problems (seem like every part of the body can be captured/duplicated).
Re:Probably not unpickable (Score:2, Insightful)
Easily avoided by putting a signal out each pin and checking for the same signal on the receiving side.
What about one that is configurable, and can try different mappings quickly ?
Easy to defend against, since it's an electronic lock it can detect brute force attacks easily and shutdown the system. If there are 1000000 possible combinations, all you need to do is have it shutdown for 1 minute after say, 10 failed attempts, and suddenly it takes 100000 minutes to brute force.
Basically, this is no more unpickable than a card-swipe.
This part is probably true, but the keys are harder to duplicate at least (for now).
Re:Probably not unpickable (Score:3, Insightful)
Re:Picking one of these would be easy. (Score:3, Insightful)
(And that's assuming one input can't go to multiple outputs; some degree of fan-out is probably possible, which can make it grow even faster.)
Still, I'd lean more towards saying that a dynamic key system, like many car remote locks use, is more intrinsically secure.
Unpickable? (Score:4, Insightful)
Re:key of light (Score:3, Insightful)
Re:Electronics (Score:4, Insightful)
Semantic Issues (Score:4, Insightful)
It's all pretty moot anyway. Spies pick locks, but most of us are more concerned about more prosaic intruders. Who don't waste their time with picks -- they smash or jimmy.
What was my other semantic issue? Oh yeah, "failsafe". Come on people. if you mean "foolproof," say that. I'd like to see "failsafe" preserved for its original [electroid.com] meaning [imdb.com], though my hopes are dimming!
Re:Picking one of these would be easy. (Score:2, Insightful)
Re:Picking one of these would be easy. (Score:3, Insightful)
These are not very hard to add to such a lock, but they make the math even harder. And they make it VERY difficult to develop a universal lockpick, because you would have a hard time making every fiber line up on the pick.
To pick it you would have to somehow make a key that matches the external hookups of the original key, but feeds the fibers out the back into a computer which could then begin decoding the math. Just getting the initial key to line up with the inner barrel of the lock would be quite the feat... doing the math in any reasonable time period would also be pretty damn impressive.
If I was going to approach it, I would try like hell to get a copy of the key (press in clay or something) and reproduce it.. then, with that knowledge, i would run the math externally generating signals. once i had a signal list, i would put the key into the lcok, and run the list rapidly.
To counteract that, you could simply have a length of time required for the light to trigger the open mechanism (i.e. for 3-5 ms, no more, no less) - and have a maximum attempts as well. Try more than twice, and the thing stops accepting input for 24 hours.
This thing is about as close to unpickable as it gets.
External Power? (Score:2, Insightful)
Re:Electronics (Score:5, Insightful)
What about the reverse? (Score:3, Insightful)
And of course, situations where applying brute force to break the lock would be counterproductive (i.e. destroy the materials you're attempting to retrieve).
But then nowadays, all you have to do is make the lock electronic and cryptographic. Even if all the electronics only control a shackle made of wax, you've got the power of the DMCA already.
Re:Electronics (Score:4, Insightful)
Of course, this is weak to people who will just use alternating codes, but security is always inversely proportional to convenience.
I already know how it could be picked (Score:5, Insightful)
Since the light needs transceivers on either end and a physical interface in between for the key all you need to do is make a key with its own transceivers instead of simple light pipes (you'd probably have light-pipes out to an external device which would house a computer "brain" and the transceivers).
So you simply put the key in (or connect it or whatever the physical interface is) and let the computer start routing the inputs to different combinations of outputs.
It would be like the brute-force picker that Medeco has for their locks only maybe a lot faster!
However, having designed a pick, I can also think of half a dozen ways to slow it down enough to make it unuseable.
(If they're smart enough to figure out how to email me maybe I'll even tell them.
Re:Not unpickable (Score:3, Insightful)
Re:Not unpickable (Score:3, Insightful)
A key the size of my car key can have 60 points per side easily.
Scanning a key is generally a constant-factor task, or at worst linear in the number of fibers. More points really only makes the lock (hopefully) secure against brute force attacks.
assembly to scan them
A video camera with two mirrors to catch a 360-degree view of the key. Perhaps use curved mirrors for magnification. The most complicated part is simply sweeping the key with a laser. Then you review the tape at leisure to make a copy. Allowing a whopping 10 seconds to scan makes for a very reasonable "home-brew" scanner. A "professional" scanner tool could definitely be created to do it in a split second - an optical key means a light-speed optical scanner.
have to be well aligned with the input port, else the fiber won't transmit cleanly
Who needs a clean scan? It merely needs to be detectable. A 1% transmission would be plenty visible in a darkened scanning chamber.
These keys aren't much harder to copy then ordinary keys. Not that that's a major failing - we already hand ordinary keys to valets anyway. Keys generally aren't expected to be secure against someone who gets their hands on them.
The main issue is that the locks better have some more sophisticated key-reading method than the article mentions or you won't need the key at all.
-