Safecracking for the computer scientist∗

This paper is a general survey of safe and vault security from a computer science perspective, with emphasis on the metrics used to evaluate these systems and the weaknesses that cause them to fail. We examine security against forced, covert and surreptitious safe opening, focusing on the mechanical combination locks most commonly used on commercial safes in the US. Our analysis contrasts the philosophy and tools of physical security with those of information security, especially where techniques might be profitably applied across these disciplines. 1 Safe and vault security: a computer science perspective There is an undeniable mystique surrounding safes and vaults. Containers to safeguard valuables and secrets from theft and prying eyes have existed almost as long as the concepts of valuables and secrets themselves, and yet in spite of the “Internet age,” details of safes and the methods used to defeat them remain shrouded in obscurity and even a certain amount of mystery. Safe security is a delicate, almost perilous subject, protected by a near reverence that extends, in our imaginations at least, across both sides of the law. Safecrackers are perhaps the most romantic and “professional” of thieves, conjuring images of meticulously planned and executed exploits straight out of Hollywood screenplays. And among the law-abiding, safe and vault technicians (safe men in the traditional parlance) are perceived as an elite, upper echelon of the locksmithing community whose formidable trade is surely passed on only to the most trustworthy and dedicated. Reverence for safe work can even be found in the trade’s own internal literature, with an almost unavoidable, if subtle, swagger accompanying mastery of safe opening technique. The title of a venerable locksmithing treatise on the subject – The Art of Manipulation[LK55] — signals a discipline that demands artistry, not mere craft. Its text begins with a warning to faithfully guard the material in its pages, as well as the suggestion that the book be destroyed completely after its techniques are learned. (Fortunately, some readers have ignored that advice, and a few copies remain available through interlibrary loan). The ambiguity in the term manipulation itself seems oddly appropriate here, evoking perhaps a “lock whisperer,” with the safe somehow persuaded to open against its better judgment, only to regret it later. ∗All text and images c ©2004 by Matt Blaze; all rights reserved unauthorized use or publication, whether for commercial or non-commercial purposes, is prohibited.