Physical and cryptoanalytical attacks on digital locking systems

In many installations, traditional locks have been replaced with new type of locks, which do not rely on mechanical security for guarding the doors. Mechanical locks hold several weaknesses, which are due to bad mechanical engineering, tolerances within cylinders, small number of different combinations etc. As the entry cost is small and learning curve for obtaining basic skills is steep, then there are many hobbyists who are into lock picking. For example, simple lock picking sets are available starting from 5 euros, while more advanced and well made sets are available for less than 100 euros. De facto guide for autodidacts is MIT Guide to Lock Picking [7], which has been available for over two decades. More recent methods as bump keying [8] have made most locks practically insecure against a well-learned adversary. The method of key bumping uses specially carved keys, which on being bumped with rubber hammer forces the pins in the lock against deformations and thus opening the lock. Access right management for traditional locks is based on physical possession of the key. If one needs to revoke the access right, then either the key should be returned or the lock reset. Returning the key does not always imply removing the access right as it may be copied. Even if copying the keys has been made hard (eg. through licensing policies), it merely imposes organisational not physical restrictions. All in all, these problems have lead to the creation of a new type of locks, called digital locks. Their security is based on some cryptographic protocols or in some cases obscurity. In theory, there are several nearly-perfect protocols which have received enough scrutiny so that the locks could be impenetrable. In this review we see, that for a certain product this is not the case. In general, when digital locks are attacked, then attacks are due to using insecure primitives. One has also to consider that embedded hardware runs in very constrained environments the design has to consider the scarce amount of randomness and tightly bounded computing and storage capabilities.