Plastic keys created to open Medeco’’s high-security locksAugust 10th, 2008 - 6:28 pm ICT by ANI
Washington, Aug 10 (ANI): Considered to be the last word in security, Medeco’’s M3 high-security locks, have now been unlocked by using just plastic keys created by Marc Weber Tobias and two colleagues, despite key control measures designed to thwart key duplication.
According to a group of security researchers speaking at the DefCon hacker conference Friday in Las Vegas, keys made from plastic used in credit cards can easily penetrate Medeco high-security locks. The researchers said that the credit cards can be easily fashioned into simulated keys that open three kinds of M3 high-security locks made by the Virginia-based Medeco Security Locks company.
These locks are used to secure sensitive facilities in places such as the White House, the Pentagon, embassies and other buildings.
“Virtually all conventional pin-tumbler locks are vulnerable to this method of attack, and frankly nobody has really considered it or looked at it before,” The Wired news quoted Marc Weber Tobias, one of the researchers, as saying.
They demonstrated that they could create the simulated keys from plastic simply by first scanning or photographing a Medeco key.
They printed the image onto a label and placed the label onto a credit card or other plastic to cut out the key with an X-Acto blade or scissors and then used the key to open a lock covertly.
The keys can not only be created by any credit card plastic, but also with Shrinky Dinks plastic, which comes in sheets that can be run through a printer. For the digital picture of the original key to work, the image has to be to scale.
It is believed that the keys used in places like the White House use a higher level of key control, whereby only the manufacturer — Medeco — would be able to make duplicate keys. But, that seems to be limited to theory.
“Basically, we”ve destroyed Medeco’’s key control, because we can make (plastic keys) for any of their M3 locks and a lot of their Biaxial locks, which is their last generation of locks,” said Tobias, who authored the book Open in Thirty Seconds, with Bluzmanis.
The method works on three types of Medeco’’s M3 high-security locks known as mortise, rim and interchangeable cylinder locks.
The method doesn”t work with other high-security locks, such as those made by Assa, Abloy, Schlage, Mul-T-Lock, and Kaba.
Medeco’’s keys have a special feature in that the bidding on them (the peaks and valleys) is cut at different angles and different offsets (spacing). The patented, integrated design works so that the bidding performs two functions, lifting the pins and rotating them.
Tobias said that the fact that both functions are integrated into one feature makes it easy for them to create a simulated key.
The researchers said that they could open Threat Level’’s lock with covert methods because they were able to determine the angles of the bidding from the scanned picture of the key. (ANI)
Tags: blade, colleagues, credit cards, duplicate keys, embassies, hacker conference, high security, key control, key duplication, last word, marc weber tobias, medeco security locks, pentagon, pin tumbler locks, plastic keys, scissors, security researchers, sensitive facilities, white house, x acto