notes on mul-t-lock locks.pdf

Upload: ryan-oliver

Post on 13-Apr-2018


  • 7/26/2019 Notes on Mul-T-Lock Locks.pdf

    Notes on Mul-T-Lock Locks

    Matt Blaze

    8 May 2003, updated 20 May 2005 to include information on the Michaud attack

    Figure 1. A Mul-T-Lock cylinder.

    Mul-T-Lock is an internationally distributed line of high security lock cylinders distinguished by the use of a telescoping "pin-within-a-pin" tumbler design and horizontally-oriented "dimple" keys. The locks are UL-listed and are hardened against forceful attack. Most cylinders have 5 tumblers. Each tumbler contains an inner and an outer pin, giving a total of 10 independently keyed elements in a 5 tumbler lock. (There are also versions that include additional secondary security elements, including side pins; they are not shown here.)

    Figure 2. Mul-T-Lock cylinder face.

    Mul-T-Lock keyways are oriented horizontally in the plug. Keys are double sided as a user convenience and can be inserted either way, although only the top of the key actually interacts with the pins. Note the front-most pin visible under the two left wards (at the center of the plug) in Figure 2.

    Figure 3. Mul-T-Lock key bitting.

    Mul-T-Lock keys resemble "dimple" type keys, although the individual bittings are drilled as two concentric rings, one for the outer pin and another for the inner.

    Figure 4. Telescoping Mul-T-Lock pin stack.

    Figure 5. Telescoping Mul-T-Lock pin stack (exploded).

    Top pins (top of Figures 4 and 5) contain an internal spring that pushes down the inner top pin; the outer pin is held down by a conventional spring (not shown). The inner and outer bottom pins are held down by the inner and outer upper pins, respectively. The inner bottom pin has a slight spool top that prevents it from passing out the end of the outer bottom pin. Master keying is done in the obvious way, with additional pin segments.

    A variety of security pin arrangements are used. Some early models do not use any special security pins (except the inner bottom pin spool), but more recent samples use serrated top outer pins (as shown here). Occasionally, mushroom bottom outer pins are used as well. There do not appear to be any special security pins used for the inner top pins, at least in the (limited) samples I have examined.

    How secure are these locks? They are at least as secure against force as any other UL-listed cylinder, incorporating hardened pins or ball bearings over drill points and other potentially vulnerable spots. Key control is probably above-average, at least with respect to unauthorized commercial duplication. Blanks are restricted to contractually-authorized dealers, and the keys cannot be cut on conventional low-cost equipment. However, there are no moving, electronic, or grossly undercut parts in the key, and a moderately skilled machinist would likely have little trouble producing counterfeit keys or blanks.

    The keyspace is sufficiently large to make key interchange unlikely, with ten different keyed elements and no MACS between tumblers (although there may be MACS restrictions between the inner and outer cuts of a given tumbler). Resistance to conventional picking is good, especially in cylinders that incorporate serrated and mushroom pins (but see below). However, note that because of the telescoping pin arrangement, defeating any of these cylinders is more akin to picking two five pin locks in sequence than one ten pin lock. The outer pins can be picked first, which allows the plug to turn a few degrees, which then allows the inner pins to be picked separately. With properly adapted picking tools, this is not especially difficult (on cylinders without security pins). The locks also appear to be vulnerable to vibration and snap-gun picking, although conventional commercial tools made for this purpose do not fit properly in the keyway. Impressioning might also be possible, although this would require access to blanks and special cutting equipment (a conventional fine metal file would probably not suffice).

    Eric Michaud's attack

    Eric Michaud, an undergraduate at Ramapo College in New Jersey, proposed (and published on 20 May 2005) a remarkable attack that could allow a simple, fast bypass and that appears to generalize to virtually any current lock incorporating the pin-within-a-pin mechanism. Perhaps most significantly, the technique does not depend on great skill to perform and uses only a simple (and relatively easily improvised) tool. The concept on which the attack is based is superficially similar to "combing" attacks against poorly-designed pin-tumbler locks in which springs are over-compressed to simultaneously compromise each tumbler.

    Michaud's attack exploits the arrangement of the springs that hold down the inner and outer pins of each tumbler. Recall that the spring for the "inner" pin stack is contained entirely within the top pin assembly, while the spring for the "outer" pin stack is a conventional-style spring that sits above the entire tumbler within its pin chamber in the cylinder shell. Because the smaller inner spring is weaker and more easily compressed than the "outer" spring, in ordinary operation upward pressure on the inner pin is entirely absorbed by the inner spring and does not cause the outer upper pin to move at all. That is, the design is intended to make the inner and outer pin stacks move independently of one another. Unfortunately, this may not actually be the case, and it appears to be possible to use one pin stack to manipulate the other.

    In particular, observe that once the inner spring is fully compressed (e.g. by over-lifting the inner bottom pin), any further lifting of the inner pin transmits directly to the top pin assembly itself. That is, once the inner pin has been raised enough to fully compress the inner spring, the outer top pin itself begins to move, and will eventually rise above the shear line. However, because no motion is transmitted to the bottom outer pin at all, the bottom outer pin does not move as the inner pin is raised. Therefore, over-lifting the bottom inner pin beyond the point at which the inner spring is fully compressed eventually creates a gap in the outer pin stack at the shear line. If all inner pins are simultaneously over-lifted in this way, the plug can be rotated slightly, trapping the outer top pin assemblies above the shear line.

    Michaud's attack, then, consists of three stages. First, a special tool is inserted into the plug that over-lifts all (typically five) inner pins and the plug rotated as described. Next, the tool is withdrawn with the plug held in position, such that the outer top pin assemblies remain trapped above the shear line but the inner pins do not bind. At this point the inner pin stacks can fall back to their normal resting position (with the bottom inner pin segment below the shear line and the top inner pin segment crossing the shear line). Finally, stronger torque is applied to rotate the plug, which binds the upper inner pins. This allows the inner pins to be raised to the shear line one by one, much as in conventional lock picking. However, because of the angle at which the inner upper pins are trapped, this should be a much simpler task than ordinary lock picking. In particular, the inner pins can apparently be set in any order (or simultaneously); they all bind at once and over-setting is prevented by the severe angle at which the upper pins are held.

    The main tool required for this attack is a small "comb" with small wire probes that fit the inner pin of each pin stack. The tool must be constructed so that it does not lift the outer bottom pins above the shear line once inserted or while being removed. (These pins can be lifted during insertion, however, since torque is not applied until after the tool is in place). Such a tool is not commercially produced, but should be relatively simple to fabricate from commonly available materials (such as music wire).

    Countermeasures

    It appears that a small change to the Mul-T-Lock tumbler design could eliminate this vulnerability. Shortly after Eric Michaud described the attack to me, he and I devised a simple and apparently effective countermeasure. The countermeasure (which does not at this time appear to be employed by any of Mul-T-Lock's products) modifies the top tumbler assembly to prevent the inner pin from being over-lifted. This can be accomplished without change to the existing Mul-T-Lock cylinder by extending the top inner pin to protrude out of the top assembly and through the outer spring, such that it is stopped near the "roof" of the pin chamber. If the extended top inner pin is blocked by the roof of the pin chamber before the inner spring is fully compressed, the inner pin stack would be prevented from transmitting movement to the outer top pin. Such a modification would have the benefit of requiring no changes to the basic cylinder design or keys and existing locks could be retrofitted entirely through replacement of one or more top pin assemblies.

    Aside from its practical significance, this attack is interesting because it illustrates an ironic, and yet surprisingly common, failure mode in security engineering: the exploitation of one security subsystem to defeat another. The individual components of the pin-within-a-pin design are very well designed and Mul-T-Lock's fabrication is of very high quality. But because the inner pins interact subtly (and in unanticipated ways) with the outer pins, it can become simpler to attack this "high security" design than it would be if these features were not included in the first place.

    Images taken with a Nikon D-100 digital camera with a Nikkor 85mm 1:2.8D tilt/shift macro lens (with Kenko extension tube). Lit by electronic flash and various reflectors.

    All images and text Copyright by Matt Blaze. All rights reserved. You may not copy, modify or use these images or text, in whole or in part, for any commercial or non-commercial purpose without permission.

    8 May 2003; revised 20 May 2005
