What if locks could talk; what stories would they tell?

Presented at May Contain Hackers (MCH2022), July 22, 2022, 9:40 p.m. (50 minutes).

Most security implementations leak information, mechanical security is no different. It takes sharp eyes, a soft touch, and a good hearing to distinguish between information and noise. In this talk we will go in depth on how locks works, and how we can persuade them to disclose their secrets, and open them without damage.

The Open Organization of Lockpickers (Toool) is a group of nerds obsessed with mechanical security. We create, collect, take apart, discuss, and attempt to defeat locks. While we are known for lockpicking, there are many other techniques for opening locks without damage.

This talk will focus on the language of the locks, the side channels in mechanical security systems. We will start with binding order, the mechanism to isolate the locking elements, and exploit them one by one. Then we will discuss a wide variety of other methods of gathering information and opening locks. Most of these methods are not practical, but working them out gives us great joy, and we would like to share the highlights with you.


Presenters:

  • Jan-Willem
    Jan-Willem (@jwrm22) is Embedded Security Analyst and Trainer at Riscure, and Secretary of The Open Organization Of Lockpickers (Toool NL). With his projects, he brings the lockpicking community to a higher level. He has new takes on old ideas, specializes in niche security subjects, and shares his knowledge with the community.

Links:

Similar Presentations: